Design and Practice if Security Architecture via DevSecOps Technology DOI:10.1109/ICSESS54813.2022.9930212
DevSecOps architecture design is divided into 10 phases.
DevSecOps architecture is designed to meet the international leading cloud native security 4C model (CNCF standard: cloud, cluster, container, code) and security development life cycle (Microsoft standard) evaluation system, across the two areas of R&D performance and security, security is introduced into every stage of the R&D process (DORA Level 5 standard: Integrate security in the requirements, design, build, test, and deployment phases).
Implementation of DevSecOps by Integrating Static and Dynamic Security Testing in CI/CD Pipelines DOI:10.1109/ICOSNIKOM56551.2022.10034883
https://github.com/lianahq/skinner ⇒ Python script named Skinner performs automated security testing with Burp Suite Pro on the GitLab CI pipeline using the DevSecOps implementation procedure.
Challenges and solutions when adopting DevSecOps: A systematic review https://doi.org/10.1016/j.infsof.2021.106700
Challanges About DevSecOps