SecDevOps integrates security from the start, as in security lead not delivery lead.
It defines the mindset, dealing with security 1st and shifting left (eg. Threat modelling, sast linters). If your talking about dependency and dast patching post deployment that should be in your cost model and processes anyway.
Its about applying the 3 pillars properly.
Education
Secure by design
Automation
To drive security, shifting left where possible but more importantly adopting the right culture to build safely.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
SecDevOps is better than DevSecOps.
Shift your security left!
DevSecOps shift to center is always better. Responsibility of Dev as well as ops when it comes to post deployment
SecDevOps integrates security from the start, as in security lead not delivery lead.
It defines the mindset, dealing with security 1st and shifting left (eg. Threat modelling, sast linters). If your talking about dependency and dast patching post deployment that should be in your cost model and processes anyway.
Its about applying the 3 pillars properly.
Education
Secure by design
Automation
To drive security, shifting left where possible but more importantly adopting the right culture to build safely.