DevSecOps: the value of “Security Champions”

In a previous article [1], I’ve started to talk about DevSecOps and the concept of “shifting left” security.
In order to move security checks to the early steps of development, a great help may be the presence of a security-aware person in every scrum team, the so-called “Security Champions“.

Continue…

Some thoughts about “Shift Left” security in DevSecOps

A popular term in DevOps context is “shift left”: it refers to the effort by a DevOps team to implement measures to guarantee application quality at the most early point in the software development life cycle.
In a application security context, this refers to the measures implemented to ensure thart security concerns are taken into consideration during the whole application development, rather than at the end of the process.

Continue…