24 Hits in 2.5 sec

DevSecOps: A Multivocal Literature Review [chapter]

Håvard Myrbakken, Ricardo Colomo-Palacios
2017 Communications in Computer and Information Science  
To that end, we conducted a multivocal literature review, where we reviewed a selection of grey literature.  ...  This study is meant to give an overview of what DevSecOps is, what implementing DevSecOps means, the benefits gained from DevSec-Ops and the challenges an organization faces when doing so.  ...  To the best of authors' knowledge, there is not a systematic literature review on DevSecOps or a large body of scientific work related to DevSecOps.  ... 
doi:10.1007/978-3-319-67383-7_2 fatcat:dzhqtihhgjetxawnwbe4pdvudm

Effective DevSecOps Implementation: A Systematic Literature Review

Dhaval Anjaria, Mugdha Kulkarni
2021 Revista GEINTEC  
This paper uses a grounded theory approach to do a systematic literature review of academic literature to find the factors that contribute to an effective DevSecOps implementation.  ...  The paper thus outlines methods of effectively implementing DevSecOps as described in academic literature.  ...  the literature review findings; hereby, referred to as "The Theory."  ... 
doi:10.47059/revistageintec.v11i4.2514 fatcat:wgf6uvcagvdblkdl7vrh34ekqe

Challenges and solutions when adopting DevSecOps: A systematic review [article]

Roshan N. Rajapakse, Mansooreh Zahedi, M. Ali Babar, Haifeng Shen
2021 arXiv   pre-print
Method: We conducted a Systematic Literature Review of 54 peer-reviewed studies. The thematic analysis method was applied to analyze the extracted data.  ...  Finally, achieving a suitable balance between the speed of delivery and security is a significant issue practitioners face in the DevSecOps paradigm.  ...  We have also identified studies that have used a systematic review of the literature as part of the study. The study conducted by Rafi et al.  ... 
arXiv:2103.08266v2 fatcat:ndght5cprfh5zfgxq7645ki4du

Performance Analysis of Automation Monitoring System shifting from DevOps to DevSecOps

2020 International Journal of Emerging Trends in Engineering Research  
To investigate and to reviewed through the four principles of DevSecOps: ethnicity, Automation, dimension and division .As a consequence, it was found that the available research focuses heavily on securing  ...  The purpose of this paper is to conduct a study on integrating all necessary security dimensions, which in the DevOps era can easily be left out of the picture, as a sticky part into both application and  ...  This article conducted a systematic literature review to understand the current state of security research in the context of the DevOps development method.  ... 
doi:10.30534/ijeter/2020/40892020 fatcat:lqnqln2yvzhnraetgryro45z7i


Marcin Paprzycki, Maria Ganzha, Katarzyna Wasielewska, Piotr Lewandowski
2021 Journal of Computer Science and Cybernetics  
In this context, different approaches regarding introduction of DevOps and DevSecOps strategies have been proposed in the literature.  ...  In particular, the present work describes the different DevSecOps methodology tasks, and how the security is included on pre-design activities such as planning, creation or adaptation, the design and implementation  ...  Following the systematic analysis of the literature carried out in [21] , the conceptual framework of DevOps is composed of a conceptual map outlining four categories: (i) process which encompasses business-related  ... 
doi:10.15625/1813-9663/37/3/16245 fatcat:jyhfo26vfnawrc5xcvs7eexz6a

Monitoring Real Time Security Attacks for IoT Systems Using DevSecOps: A Systematic Literature Review

Ahmed Bahaa, Ahmed Abdelaziz, Abdalla Sayed, Laila Elfangary, Hanan Fahmy
2021 Information  
If the detection models applied DevSecOps pipelines in development processes for IoT devices, they were more secure.  ...  From the results of this paper, we found that machine learning techniques can detect IoT attacks, but there are a few issues in the design of detection models.  ...  Conflicts of Interest: The authors declare no conflict of interest.  ... 
doi:10.3390/info12040154 fatcat:oevgg4yzwfa3ldz26v5j5wthqy

DevSecOps in Robotics [article]

Víctor Mayoral-Vilches, Nuria García-Maestro, McKenna Towers, Endika Gil-Uriarte
2021 arXiv   pre-print
In this article we introduce DevSecOps in Robotics, a set of best practices designed to help roboticists implant security deep in the heart of their development and operations processes.  ...  Quality in software is often understood as "execution according to design purpose" whereas security means that "software will not put data or computing systems at risk of unauthorized access."  ...  Special thanks to the Basque Cyber Security Centre BCSC (Basque Government's agency SPRI) for the support in actions fostering awareness in robot Cyber Security.  ... 
arXiv:2003.10402v3 fatcat:qjc3pdfmpnduvfwgyqjk5tey4y

Prioritization based taxonomy of DevOps security challenges using PROMETHEE

Saima Rafi, Wu Yu, Muhammad Azeem Akbar, Ahmed Alsanad, Abdu Gumaei
2020 IEEE Access  
The total of eighteen DevOps security challenges were extracted using systematic literature review approach and were further evaluated with experts using questionnaire survey study.  ...  The objective of this study is to identify and develop a prioritization based taxonomy of DevOps security challenges.  ...  ACKNOWLEDGMENT The authors are grateful to the Deanship of Scientific Research, King Saud University for funding through Vice Deanship of Scientific Research Chairs.  ... 
doi:10.1109/access.2020.2998819 fatcat:p7yhjv5cwbg5vacdb33d3iy3em

Best Practices for Securing Financial Data and PII in Public Cloud

Pankti Desai, Thaier Hamid
2021 International Journal of Computer Applications  
Solution architects can Business Processes: A Systematic Literature Review, in: confirm there are no sensitive data elements moving to cloud International Conference on Cyber Warfare  ...  Existing literature around one or more factors specific to the physical, physiological, the topic was reviewed too to identify, evaluate, and genetic, mental, economic, cultural or social identity  ... 
doi:10.5120/ijca2021921737 fatcat:pwbqwcvpcnbqzovplnw5ud4uwm

CyberOps: Situational Awareness in Cybersecurity Operations

Cyril Onwubiko, Research Series Ltd
2020 International Journal on Cyber Situational Awareness  
It is fundamentally to protect digital investments, contribute to national economic wellbeing by providing a safe, secure and conducive environment to conduct business and to protect a nation's critical  ...  Cybersecurity operations (CyberOps) is the use and application of cybersecurity capabilities to a domain, department, organisation or nation.  ...  Another distinction worth noting is that cybersecurity operations is not the same as cyber security operations center (CSOC). CSOC or Security Operations Centre (SOC) is a subset of CyberOps.  ... 
doi:10.22619/ijcsa.2020.100134 fatcat:frbg2gx43zax7itvjp2vim7md4

Secure Software Engineering in the Financial Services: A Practitioners' Perspective [article]

Vivek Arora, Enrique Larios Vargas, Maurício Aniche, Arie van Deursen
2021 arXiv   pre-print
use of to ensure the security of their software systems, the improvements that practitioners perceive as important in existing state-of-the-practice security tools, the different knowledge-sharing and  ...  However, while the field of security research has been advancing quite fast, in practice, there is still a vast knowledge gap between the security experts and the software development teams.  ...  A recent systematic literature review focusing on the developers' context in secure software development by Tahaei et al. [54] identified multiple themes and research gaps.  ... 
arXiv:2104.03476v1 fatcat:zjouwhd7abbz7aia4x4lkuwzqu

Security for Devops Deployment Processes: Defenses, Risks, Research Directions

Norman Wilde, Brian Eddy, Khyati Patel, Nathan Cooper, Valeria Gamboa, Bhavyansh Mishra, Keenal Shah
2016 International Journal of Software Engineering & Applications  
We reviewed the literature and conducted three case studies using simple configurations of common DevOps tools.  ...  In this paper we examine the security implications of two of the key DevOps practices, automation of the deployment pipeline using a deployment toolchain and infrastructure-as-code to specify the environment  ...  ACKNOWLEDGEMENTS Work described in this paper was partially supported by the University of West Florida Foundation under the Nystul Eminent Scholar Endowment.  ... 
doi:10.5121/ijsea.2016.7601 fatcat:u3ayin7nl5chbpg5m6i54cg65q

Cybersecurity in Robotics: Challenges, Quantitative Modeling, and Practice [article]

Quanyan Zhu, Stefan Rass, Bernhard Dieber, Victor Mayoral Vilches
2021 arXiv   pre-print
A powerful quantitative approach to model-based security is offered by game theory, providing a rich spectrum of techniques to optimize security against various kinds of attacks.  ...  Such a multi-perspective view on security is necessary to address the heterogeneity and complexity of robotic systems.  ...  We thank many of our friends and colleagues for their inputs and suggestions.  ... 
arXiv:2103.05789v4 fatcat:p3inkof6kbh3rds6jigvmq4doe

Evaluating the DevOps Reference Architecture for Multi-cloud IoT-Applications

Georges Bou Ghantous, Asif Qumer Gill
2021 SN Computer Science  
The empirical evaluation is composed of two phases: (1) industry case study evaluation conducted in an IT organization, and (2) industry field survey with a cohort of experts in software engineering.  ...  Most recently, organizations are taking a significant interest in adopting DevOps for automatically deploying IoT applications to multi-cloud.  ...  Finally, this research can be extended to include a future investigation into the areas of DevSecOps security and DataOps.  ... 
doi:10.1007/s42979-021-00519-6 fatcat:nze3dlygvndz5njeykzfhkzxxa

Journal of Computer Science IJCSIS June 2021 Full Volume

2021 Zenodo  
The International Journal of Computer Science and Information Security (IJCSIS) is one of the leading open access publisher, with hundreds of papers published each year related to different areas ranging  ...  from computer science, mobile & wireless computing, networking and information security.  ...  DevSecOps Adoption for Cloud Security DevSecOps is defined as integrating security practices within the development process that involves creating a 'Security as Code' culture with ongoing flexible collaboration  ... 
doi:10.5281/zenodo.5556913 fatcat:yineojxcujg4jnvqt6i742dhii
« Previous Showing results 1 — 15 out of 24 results