The Big Shift Left
The transformational trend toward DevOps is all about fostering close collaboration between developers, operations, and quality assurance (QA) pros. When organizations make the effort to add security into that mix — achieving what some call DevSecOps practices — enterprises gain the power to achieve what many security practitioners have long thought impossible.
"This movement we have with DevSecOps is really about bringing more security to software faster – shifting left," says Shannon Lietz, director of DevSecOps at Intuit.
In other words, security testing and requirements aren't laid out at the end of a lengthy waterfall process. Instead, security teams are included during the earliest stages of software design, and their input is woven into acceptance requirements from the start.
Image Source: Adobe Stock (illiano)