DEVSECOPS System Assurance
Abstract:
DevSecOps pipelines support organizational agility by automating rapid and frequent delivery of secure infrastructure and software to production (Figure 1). Pipelines are complex systems that require tradeoff decisions for each implementation, which commonly introduce risk to the pipeline and the product it delivers. System assurance should be used to manage that risk and maintain confidence in the pipeline and its product. This paper focuses on system assurance for DevSecOps software systems.
Security Markings
DOCUMENT & CONTEXTUAL SUMMARY
Distribution Code:
A - Approved For Public Release
Distribution Statement: Public Release
RECORD
Collection: TRECMS