What is DevSecOps?

The practice of DevOps includes integrated and multidisciplinary teams that work together to enable continuous software delivery. To improve velocity, developers constantly add open-source components to their projects. In most cases, there is potential to introduce security vulnerabilities and license compliance issues. DevSecOps (development, security, and operations) shifts security further upstream in the development pipeline, enhances other segments of the software development life cycle, and reinforces overall security. Indeed, DevSecOps aims to integrate security into all aspects of the life cycle, including design, implementation, testing, and deployment.