Enhancing DevSecOps: Three Custom Tools for Continuous Security

With the swift advancement of technology and the widespread adoption of agile methodologies, integrating security known as DevSecOps-has become essential to maintain software integrity and safety. This paradigm shift focuses on embedding security testing throughout the development lifecycle, advocat...

Full description

Saved in:
Bibliographic Details
Published inIEEE International Conference on Cyber Security and Cloud Computing (CSCloud) (Online) pp. 53 - 58
Main Authors Bernardino, Nuno Andre, Sequeira, Bernardo, Piza, Eduardo, Henriques, Fabio, Neves, Filipe, Reis, Catarina I.
Format Conference Proceeding
LanguageEnglish
Published IEEE 28.06.2024
Subjects
automation
Cloud computing
Continuous Security Testing
DevSecOps
Information security
Organizations
Safety
Security
Software
Usability
vulnerabilities
Online AccessGet full text
ISSN2693-8928
DOI10.1109/CSCloud62866.2024.00017

Cover

More Information
Summary:With the swift advancement of technology and the widespread adoption of agile methodologies, integrating security known as DevSecOps-has become essential to maintain software integrity and safety. This paradigm shift focuses on embedding security testing throughout the development lifecycle, advocating for Continuous Security Testing (CST) instead of postponing it to later stages. We propose three custom tools tailored for specific stages of the development cycle. By using these tools, organizations can strengthen their security practices and uphold software integrity throughout the development process. We offer a preliminary analysis of these tools aimed at improving information security within organizations. In the future, they will be made available to end users, and their usability will be assessed.
ISSN:2693-8928
DOI:10.1109/CSCloud62866.2024.00017