{"title":"有效的DevSecOps实现:系统的文献综述","authors":"Dhaval M. Anjaria, Mugdha Shailendra Kulkarni","doi":"10.47059/revistageintec.v11i4.2514","DOIUrl":null,"url":null,"abstract":"Adopting DevOps means increased collaboration between development and operations teams and faster release cycles through a shift to automation. Using Dev Ops brings with it several advantages in the development of software. Security, however, is often neglected in DevOps due to the fast release cycle. Therefore Dev Sec Ops has emerged as an extension to DevOps that attempts to integrate security with Dev Ops practices, which is not without its challenges. DevOps, and by extension Dev Sec Ops, represents a significant change in the culture, tooling, and processes used in software development. Therefore, when implementing DevSecOps, teams and their organizations need to be aware of the challenges it brings and how to address those challenges for a DevSecOps implementation to be effective. Literature on DevSecOps exists that outlines practices and principles to do this. This paper uses a grounded theory approach to do a systematic literature review of academic literature to find the factors that contribute to an effective DevSecOps implementation. It attempts to reconcile the challenges of DevSecOps with ways of mitigating them and the advantages that a DevSecOps implementation can bring. The paper thus outlines methods of effectively implementing DevSecOps as described in academic literature.","PeriodicalId":428303,"journal":{"name":"Revista Gestão Inovação e Tecnologias","volume":"48 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-08-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Effective DevSecOps Implementation: A Systematic Literature Review\",\"authors\":\"Dhaval M. Anjaria, Mugdha Shailendra Kulkarni\",\"doi\":\"10.47059/revistageintec.v11i4.2514\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Adopting DevOps means increased collaboration between development and operations teams and faster release cycles through a shift to automation. Using Dev Ops brings with it several advantages in the development of software. Security, however, is often neglected in DevOps due to the fast release cycle. Therefore Dev Sec Ops has emerged as an extension to DevOps that attempts to integrate security with Dev Ops practices, which is not without its challenges. DevOps, and by extension Dev Sec Ops, represents a significant change in the culture, tooling, and processes used in software development. Therefore, when implementing DevSecOps, teams and their organizations need to be aware of the challenges it brings and how to address those challenges for a DevSecOps implementation to be effective. Literature on DevSecOps exists that outlines practices and principles to do this. This paper uses a grounded theory approach to do a systematic literature review of academic literature to find the factors that contribute to an effective DevSecOps implementation. It attempts to reconcile the challenges of DevSecOps with ways of mitigating them and the advantages that a DevSecOps implementation can bring. The paper thus outlines methods of effectively implementing DevSecOps as described in academic literature.\",\"PeriodicalId\":428303,\"journal\":{\"name\":\"Revista Gestão Inovação e Tecnologias\",\"volume\":\"48 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-08-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Revista Gestão Inovação e Tecnologias\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.47059/revistageintec.v11i4.2514\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Revista Gestão Inovação e Tecnologias","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.47059/revistageintec.v11i4.2514","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Effective DevSecOps Implementation: A Systematic Literature Review
Adopting DevOps means increased collaboration between development and operations teams and faster release cycles through a shift to automation. Using Dev Ops brings with it several advantages in the development of software. Security, however, is often neglected in DevOps due to the fast release cycle. Therefore Dev Sec Ops has emerged as an extension to DevOps that attempts to integrate security with Dev Ops practices, which is not without its challenges. DevOps, and by extension Dev Sec Ops, represents a significant change in the culture, tooling, and processes used in software development. Therefore, when implementing DevSecOps, teams and their organizations need to be aware of the challenges it brings and how to address those challenges for a DevSecOps implementation to be effective. Literature on DevSecOps exists that outlines practices and principles to do this. This paper uses a grounded theory approach to do a systematic literature review of academic literature to find the factors that contribute to an effective DevSecOps implementation. It attempts to reconcile the challenges of DevSecOps with ways of mitigating them and the advantages that a DevSecOps implementation can bring. The paper thus outlines methods of effectively implementing DevSecOps as described in academic literature.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
