Cloud 101CircleEventsBlog
Join AT&T's experts & CSA's Troy Leach on April 4 to boost your cyber resilience in 2024!

Download Publication

The Six Pillars of DevSecOps - Pragmatic Implementation
The Six Pillars of DevSecOps - Pragmatic Implementation

The Six Pillars of DevSecOps - Pragmatic Implementation

Release Date: 12/14/2022

Working Group: DevSecOps

This document provides a high-level overview of the various tools and processes that should be considered when building out a successful DevSecOps program. It takes a wide range of DevSecOps activities and turns them into a cookbook for teams to reference when considering different approaches. It also is broken down to allow a reader with a specific role to hone in on the sections relevant to their area of expertise and responsibility. Follow-up papers will take this high-level overview, and provide specific guidance for various use-cases, as well as recommendations on which order to focus on implementation to see the greatest returns for the reader’s context. 
Download this Resource

Bookmark
Share
Related resources
Defining the Zero Trust Protect Surface
Defining the Zero Trust Protect Surface
The Six Pillars of DevSecOps - Collaboration and Integration
The Six Pillars of DevSecOps - Collaboration an...
The State of Security Remediation 2024
The State of Security Remediation 2024
How to Secure Business-Critical Applications
How to Secure Business-Critical Applications
Published: 03/28/2024
6 Surprising Findings from the CSA State of Security Remediation Report
6 Surprising Findings from the CSA State of Security Remediation Re...
Published: 03/28/2024
For Game-Changing Cloud Workload Protection, Focus on Quality Over Quantity
For Game-Changing Cloud Workload Protection, Focus on Quality Over ...
Published: 03/27/2024
Architecture Drift: What It Is and How It Leads to Breaches
Architecture Drift: What It Is and How It Leads to Breaches
Published: 03/22/2024

Acknowledgements

Roupe Sahans
Roupe Sahans
DevSecOps Leader

Roupe Sahans

DevSecOps Leader

Roupe leads DevSecOps delivery and thought leadership for technology and media clients embracing digital transformation.

Roupe started his DevOps journey in 2016, building containerised microservices on AWS for government platforms. He has since been working with engineers to c-suite executives to embed security and resilience into digital products, secure cloud services, and reduce cyber technical-debt.

Most recently Roupe ha...

Read more

Michael Roza
Michael Roza
Head of Risk, Audit, Control and Compliance

Michael Roza

Head of Risk, Audit, Control and Compliance

Since 2012 Michael has contributed to over 100 CSA projects completed by CSA's Internet of Things, Zero Trust/Software-Defined Perimeter, Top Threats, Cloud Control Matrix, Containers/Microservices, DevSecOps, and other working groups. He has also served as co-chair of CSA's Enterprise Architecture, Top Threats, and Security-as-a-Service working groups while also serving as the Standards Liaison Officer for IoT, ICS, EA, SECaaS, and Cloud K...

Read more

Are you a research volunteer? Request to have your profile displayed on the website here.

Interested in helping develop research with CSA?

Related Certificates & Training