{"id":63818,"date":"2022-07-06T22:50:47","date_gmt":"2022-07-06T21:50:47","guid":{"rendered":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/?p=63818"},"modified":"2022-07-06T22:50:48","modified_gmt":"2022-07-06T21:50:48","slug":"an-introduction-to-devsecops","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-gb\/industry\/blog\/technetuk\/2022\/07\/06\/an-introduction-to-devsecops\/","title":{"rendered":"An introduction to DevSecOps"},"content":{"rendered":"

\"An<\/p>\n

Security is a key part of DevOps. But how does a team know it’s secure? Is it ever really possible to deliver a completely secure service?<\/p>\n

Unfortunately, the answer is no. DevSecOps is a continuous and ongoing effort that requires the attention of everyone on the team. While the job is never truly done, the practices teams employ to prevent and handle breaches produce systems that are as secure and resilient as possible.<\/p>\n

Teams that don’t have a formal DevSecOps strategy are encouraged to begin the planning as soon as possible. At first there may be some resistance from team members who don’t fully appreciate the threats that exist. Others may not feel that the team is equipped to face the problem and that any special investment would be a wasteful distraction from shipping features. However, it’s necessary to begin the conversation to build consensus as to the nature of the risks, how the team can mitigate them, and whether the team needs resources they don’t currently have.<\/p>\n

Resources<\/h3>\n