Search Results

DevOps has emerged as one of the most rapidly evolving software development paradigms. With the growing concerns surrounding security in software systems, the DevSecOps paradigm has gained prominence, urging practitioners to incorporate security practices ...

Nowadays, software development happens at a fast pace. At the same time, Information Technology organizations face higher demands and competition while struggling with external threats such as cyberattacks. Therefore, many organizations adopt ...

Software development teams meet increasing requirements to implement cybersecurity management in compliance with standards and regulations. However, adopting a compliant cybersecurity management system and DevSecOps practices as part of a software ...

Recently, the DevSecOps practice has improved companies’ agile production of secure software, reducing problems and improving return on investment. However, overreliance on security tools and traditional security techniques can facilitate the ...

Passwords play a crucial role in authentication, ensuring that only authorised entities can access sensitive information. However, user password choices are often weak and predictable, making them susceptible to cyber-attacks. Additionally, hard-...

The public computing environment is the key technology of the new generation of ship system. The efficiency and quality of its software development will seriously affect the development of combat system. This paper compares the software development ...

As society’s dependence on information and communication systems (ICTs) grows, so does the necessity of guaranteeing the proper functioning and use of such systems. In this context, it is critical to enhance the security and robustness of the ...

Security as a key non-functional requirement of software development is often ignored and devalued in DevOps programs, with security seen as an inhibitor to high velocity required in DevOps implementation. Hence, the DevSecOps approach ...

• A multivocal literature review on DevSecOps (2012–2022).
• The review of DevSecOps covers Definition, Challenges, Practices, Tools and Metrics.
• Presents a Challenge-Practice-Tool-Metric model for DevSecOps.
• The global dimension ...

Critical infrastructures (CI) extend across various sectors within the economy, relying on a combination of software and hardware technologies to manage the operations of the systems, services, and assets. Risk Management plays a pivotal role in ...

DevOps (development and operations) is a set of collaborative practices that automate continuous delivery of new software versions with an aim to reduce the development life cycle and produce quality software products. Security is an important attribute ...

Risk management is essential for ensuring the sustained viability of organizations over the long term. It plays a pivotal role in business by helping identify potential threats and vulnerabilities, enabling well-informed decision-making. Within the ...

The intersection between security and continuous software engineering has been of great interest since the early years of the agile development movement, and it remains relevant as software development processes are more frequently guided by agility and ...

This article presents a model-driven engineering (MDE) integrated development environment (IDE) to assist the DevSecOps (Development Security and Operations) process. This tool has been developed within the PIACERE H2020 project, which proposes a ...

In this experiential paper, we present observations from our collaborative efforts with multiple entities operating in highly regulated environments that enabled or disrupted the construction, use, and sustainment of secure CI/CD pipelines as part of a ...

Containers are core building blocks for creating applications based on the microservice paradigm. However, assessing their security is complex, especially when deployed in distributed and heterogeneous scenarios. Moreover, developers and IT operators ...

The complexity of delivering enterprise-grade software, especially as-a-service, keeps getting more sophisticated even with the large set of open-source and commercial helper tools. Every single commit by the developers must go through a large group of ...

Software engineering is evolving quickly leading to an urgency to discover more efficient development models. DevOps and its security-oriented extension DevSecOps promised to speed up the development process while ensuring more robust code. ...

Security represents one of the crucial concerns when it comes to DevOps methodology-empowered software development and service delivery process. Considering the adoption of Infrastructure as Code (IaC), even minor flaws could potentially cause fatal ...

In the light of recent increase in the number of cybersecurity incidents affecting organizations of different kinds and sizes, security of software supply chain is becoming mission critical. At the core, supply chain security is a multi-disciplinary ...

The Open Source Software movement has been growing exponentially for a number of years with no signs of slowing. Driving this growth is the wide-spread availability of libraries and frameworks that provide many functionalities. Developers are saving ...