- Listen to our monthly AppSec Stats Flash podcast
- LEARN MORE
DevOps is a methodology which helps fluidize and integrate the departments involved in the software development lifecycle (SDLC). DevOps refers to a workplace ecosystem that streamlines the SDLC by creating cross-functional workflows and strategies across development and operations. It also includes Quality Assurance (though that department didn't make it into the term). Highly interconnected, DevOps allows for continuous deployment of new projects and quicker releases with fewer oversights. Each role's input comes in much earlier than pre-DevOps hierarchies. Rather than have separated systems and communication lines, teams can work cross-functionally from design and development, through integration, delivery and deployment, and onto quality assurance after release.
DevOps methodologies have also prompted the development of toolsets and technological practices that support that ecosystem. Agile DevOps plays an important role in the SDLC, however DevOps can apply to software developed under any methodologies.
As the SDLC has picked up pace, security programs, tools, and practices have become progressively more important. The DevOps environment should naturally extend to include SDLC methodologies and security strategies in each development stage, moving to integrate the security mindset into the DevOps ecosystem (aka DevSecOps). Automating processes, including security testing, is an essential way of increasing efficiency while expanding thoroughness, while automated machine-based processes add speed and stability.