Wikipedia defines devops as: “
DevOps is a methodology in the software development and IT industry. Used as a set of practices and tools, DevOps integrates and automates the work of software development (Dev) and IT operations (Ops) as a means for improving and shortening the systems development life cycle.[1] DevOps is complementary to agile software development; several DevOps aspects came from the agile way of working.
Automation is an important part of DevOps. Software programmers and architectsshould use “fitness functions” to keep their software in check.[2]“
DevSecOps is when security is integrated into the DevOps methodology. Many requirements in the EU legislations, like NIS2 and CRA adds security as an integrated part of how software is designed, developed, tested, published and implemented. Thus, adding a “Sec” for “Security” in the middle of “DevOps” leads to “DevSecOps”. There are many ideas on how to do this properly.
Further exploration:
- What is DevSecOps? AWS
- The fundamentals of DevSecOps – Github
- What is DevSecOps? – Gitlab