What Is the DevSecOps Methodology?
As early as 2019, EDUCAUSE identified DevSecOps as one of the top 10 strategic technologies to watch for in higher education. “It requires close collaboration between software engineers and security teams,” the authors wrote in the report.
A phrase that is often used to describe DevSecOps is “shifting left,” which means that quality assurance and security testing should happen much earlier in the development process. The term refers to the conventional “waterfall” style of software development, a visual that conveys the phases of development — such as feasibility, planning and designing — occurring one after another in a downward sequence that moves to the right on a timeline.
MORE ON EDTECH: What's the difference between agile and DevOps?
The Benefits of DevSecOps for Higher Ed
When it comes to benefits for higher education IT teams, consider what DevSecOps can help you avoid during the software development process.
In a 2015 blog post, Donald Firesmith, a researcher at the Carnegie Mellon Software Engineering Institute, noted that IT teams put themselves at risk for unnecessary vulnerabilities during the security testing phase of traditional waterfall-style development.
Because the conventional approach involves testing later in the process, it often leads to software debugging challenges near the program’s completion. With less time to fix defects, this method limits the opportunities for in-house developers to catch the bugs.