How to make developers accept DevSecOps

2024-01-31 05:00

Making developers accept the importance of security in their software development process comes with numerous challenges.

Finally, there's the people-related challenges: developers may have difficulties with the imminent changes that DevSecOps bring to the development process, and may lack security skills required to carry out certain security practices in DevSecOps.

To make developers accept DevSecOps, they need to be heard, which means making sure they have a say when security decisions are made.

"A big part of improving the DevSecOps experience is not introducing more tooling, but getting clear on the process and expectations of how developers should use the tools they already have. Clear communication about policies ensures an organized and consistent approach to implementing security throughout the SDLC," says Nick Liffen, director at GitHub Advanced Security.

Training is an important part of DevSecOps implementation, but developers need to be reassured that their job will not be disrupted when security gets integrated into coding.

"Between 2021 and 2028, the DevSecOps market is expected to grow at a CAGR of 24.1%. DevSecOps professionals have several job opportunities as a result of this rapid rise. This demand is expected to grow as more companies adopt DevSecOps practices," said Misbah Thevarmannil, content lead at Practical DevSecOps.

News URL

https://www.helpnetsecurity.com/2024/01/31/developers-accept-devsecops/

#developer #devsecops