DevOps vs DevSecOps

  • 7 August 2023
  • 8 replies
  • 147 views

What would be considered the similiarities and differences between DevOps and DevSecOps. Will DevSecOps replace DevOps in future?


8 replies

Userlevel 5
Badge +3

Oh, what an interesting question! I’d say that DevSecOps sort of evolved from the DevOps. The idea behind both of them is that you want to remove all the obstacles that might slow down the software development process (ie. so you can ship the software as fast as possible). 

 

But how came that we are talking about DevSecOps?

One day Moses came down and said: “Hey, it’s really pricy to fix the security issue late in the development. We should incorporate security into each stage of the already existing DevOps methodology to lower the costs and prevent potential issues down the line.” → that’s basically a point behind DevSecOps

 

Nowadays, companies are paying much more attention to security (which is good) and even though I do not have a crystall ball, I think that we can make the safe assumption that most companies will adapt the DevSecOps practices. 

Userlevel 5
Badge +3

DevOps, DevSecOps, DevTestOps, SecDevOps, DevTestSecOps there are so many of these buzzwords flying around at the moment!

 

@hungoboss answer above was perfect there. All of these ideas are just a natural evolution of the software creation & release process… projects* realising that it’s very costly (reputation, money + more) to have software in public use which has security vulnerabilities or other critical bugs appear, then wanting to “shift left”, “shift right” or whatever today’s term is… to kill the waterfall idea of disparate teams operating in silos and handing over from one to another only when something is at a complete stage (business >  dev > test > *** > release > support). Instead preferring for testers, security engineers and more all being involved from day 1 ideally - able to forsee, give input and plan for work as early as possible.

 

* = Doesn’t apply to AAA computer games apparently

** = Currently security & maintenance are the fancy-modern-cool ones of today, performance, usability, architecture, accessibility there are no reasons why these shouldn’t all be considered and included the same way (if not already incorporated into test) 

Userlevel 5
Badge +3

@alex_read nicely said. Had to even look up what some of the terms (such as DevTestSecOps) mean and if they are real. What is going to be next? Triceratops?

Userlevel 5
Badge +3

Love it! Exactly… it’s like the Finnish language, you can just keep adding more & more onto the end of that term it seems - take your pick as to whatever the buzzword of the month is! XcD

 

 DevTestSecOpsAiCloudTriceratops???

Userlevel 5
Badge +3

@alex_read , you have totally forgot to add Blockchain and Crypto :)

Userlevel 5
Badge +3

New one spotted on https://insomnia.rest/download today… “AIOps” is now apparently a thing… :cD

Thanks 😋

Can i ask some questions about it?

Userlevel 7
Badge +2

Thanks 😋

Can i ask some questions about it?

Sure! 

Reply