People nowadays listening to new interesting profile DevSecOps. But they are really confused about how to get into this, also they are not sure about the difference between DevOps and DevSecOps.
I have talked to multiple people who are working in DevOps and Security. Talking to them seems both of them are confused.
In this article, I will clear your confession about DevSecOps.
Table of Contents
Daily work of DevOps
- DevOps team is responsible for deploying application to the server through CI/CD pipeline and it’s life cycle
- They are responsible for implementing software to reduce down time of application.
- They are having direct communication with development team for proper application deployment.
- They are also responsible for automating process to increase efficiency.
Daily work of DevSecOps
- DevSecOps team are responsible for increasing application security through implementing secured CI/CD pipeline.
- Automating the security to find security issues once code is build.
- Incident management framework to handle security incident issue.
- Threat modeling.
Can a DevOps Guy move to DevSecOps?
DevOps can easily move to DevSecOps as they are already comfortable with the entire CI/Cd process. They just need to learn the security part and they are ready to work.
Can a Security guy move to DevSecOps?
Security Guy needs to learn some stuff about DevOps i.e. how CI/CD process work and they can start to work. Remember in security we are talking about the defensive part. If a person has pentation testing that is really added advantage.
How do I get Job then?
If you see the job description of DevSecOps you should have all these qualities and sometimes it may vary a little bit according to the requirements of the company.
I hope you have understood the basic difference.
Leave a Reply