In Part One of this blog series DevSecOps – Win Win for All, we established a foundation for DevSecOps practices with our Cloud Security Manifesto. In Part 2 of this series, we will describe another key aspect of DevSecOps – developing security guardrails with a hands-on approach via Agile hackathons.
DevSecOps is about bridging DevOps workflows with Information Security (Infosec) Operations by embedding security as code during development, validation during testing and leveraging automation to run continuous operations. From many years in IT, we know that it’s a good idea to first prove ideas manually before we automate.