Software Engineering Institute

SEI Blog

DevSecOps topic image

DevSecOps

DevSecOps enables the development (Dev), security (Sec), and delivery/operations (Ops) of software systems to streamline implementation of new capabilities and to provide continuous integration and continuous delivery (CI/CD) of resilient software deployment.

Blog Posts

Example Case: Using DevSecOps to Redefine Minimum Viable Product

DSO-Process-Breakdown

This SEI blog post, authored by SEI interns, describes their work on a microservices-based software application, an accompanying DevSecOps pipeline, and an expansion of the concept of minimum viable product …

March 11, 2024 • By Joe Yankel

In DevSecOps

Joe Yankel

Acquisition Archetypes Seen in the Wild, DevSecOps Edition: Clinging to the Old Ways

This SEI blog post draws on SEI experiences conducting independent technical assessments to examine problems common to disparate acquisition programs. It also provides recommendations for recovering from these problems and …

December 18, 2023 • By William E. Novak

In DevSecOps

Extending Agile and DevSecOps to Improve Efforts Tangential to Software Product Development

The modern software engineering practices of Agile and DevSecOps have revolutionized the practice of software engineering. This blog post explores use of these practices in capability delivery and business mission.

August 7, 2023 • By David Sweeney, Lyndsi A. Hughes

In DevSecOps

5 Challenges to Implementing DevSecOps and How to Overcome Them

The shift from project- to program-level thinking raises numerous challenges to DevSecOps implementation. This SEI Blog post articulates these challenges and ways to overcome them.

June 12, 2023 • By Joe Yankel, Hasan Yasar

In DevSecOps

Joe Yankel

Actionable Data from the DevSecOps Pipeline

In this blog post, we explore decisions that program managers make and information they need to confidently make decisions with data from DevSecOps pipelines.

May 1, 2023 • By Bill Nichols, Julie B. Cohen

In DevSecOps

Julie Cohen

Writing Ansible Roles with Confidence

How do you write Ansible roles in a way where you can be confident your role works as intended? This post provides guidance on how to best begin developing Ansible …

November 7, 2022 • By Matthew Heckathorn

In DevSecOps

A Technical DevSecOps Adoption Framework

This blog post describes our new DevSecOps adoption framework that guides the planning and implementation of a roadmap to functional CI/CD pipeline capabilities.

October 24, 2022 • By Vanessa B. Jackson, Lyndsi A. Hughes

In DevSecOps

Combining Security and Velocity in a Continuous-Integration Pipeline for Large Teams

This post explores how one team managed—and eventually resolved—the two competing forces of developer velocity and cybersecurity enforcement by implementing DevSecOps practices.

July 11, 2022 • By Alejandro Gomez

In DevSecOps

Alejandro Gomez

Modeling DevSecOps to Protect the Pipeline

This blog post presents a DevSecOps Platform-Independent Model that uses model based system engineering constructs to formalize the practices of DevSecOps pipelines and organize guidance.

June 13, 2022 • By Timothy A. Chick, Joe Yankel

In DevSecOps

Joe Yankel

From Model-Based Systems and Software Engineering to ModDevOps

Introduction to ModDevOps, an extension of DevSecOps that embraces model-based systems engineering (MBSE) technology

November 22, 2021 • By Jerome Hugues, Joe Yankel

In DevSecOps

Joe Yankel

Related Tags

DevSecOps Devops Mission Assurance Human-Machine Interactions Cyber Missions Software and Information Assurance Data Analytics