DevSecOps – by any other name

By Seb Rose

New software development approaches continue to be promoted. You may be aware of waterfall, RUP, 4GLs, 3-tier client server - all still alive and kicking in some domains. You will be familiar with some (or all) of Agile, Kanban, DevOps, SAFe, No Code/Low Code and many others.

A new kid on the block is DevSecOps. What does that mean? Where did it come from? Why is it important? If we adopted the tenets of DevSecOps without calling it DevSecOps would it “smell just as sweet”? What would it “smell” like if we spun up a DevSecOps team, without understanding the fundamental challenges that DevSecOps was intended to overcome?

In this session I’ll explore the origins of DevSecOps before going on to demonstrate the distance between the label and the intent of DevSecOps. Finally, I’ll try to generalise the journey from “good idea” to “empty slogan” that seems to underpin many of the hyped transformations that I’ve lived through during my 40-year career in software.




