Volume 11 - Volume 11
Effective DevSecOps Implementation: A Systematic Literature Review
Abstract
Adopting DevOps means increased collaboration between development and operations teams and
faster release cycles through a shift to automation. Using Dev Ops brings with it several advantages
in the development of software. Security, however, is often neglected in DevOps due to the fast
release cycle. Therefore Dev Sec Ops has emerged as an extension to DevOps that attempts to
integrate security with Dev Ops practices, which is not without its challenges. DevOps, and by
extension Dev Sec Ops, represents a significant change in the culture, tooling, and processes used in
software development. Therefore, when implementing DevSecOps, teams and their organizations
need to be aware of the challenges it brings and how to address those challenges for a DevSecOps
implementation to be effective. Literature on DevSecOps exists that outlines practices and principles
to do this. This paper uses a grounded theory approach to do a systematic literature review of
academic literature to find the factors that contribute to an effective DevSecOps implementation. It
attempts to reconcile the challenges of DevSecOps with ways of mitigating them and the advantages
that a DevSecOps implementation can bring. The paper thus outlines methods of effectively
implementing DevSecOps as described in academic literature.
Paper Details
PaperID: 2514
Author's Name: Dhaval Anjaria and Mugdha Kulkarni
Volume: Volume 11
Issues: Volume 11
Keywords: DevOps, DevSecOps, Security, SecDevOps, Continuous Integration, Continuous Delivery.
Year: 2021
Month: August
Pages: 4931- 4945