Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/doc/devsecops.md
diff options
context:
space:
mode:
Diffstat (limited to 'doc/devsecops.md')
-rw-r--r--doc/devsecops.md60
1 files changed, 60 insertions, 0 deletions
diff --git a/doc/devsecops.md b/doc/devsecops.md
new file mode 100644
index 00000000000..f035121898a
--- /dev/null
+++ b/doc/devsecops.md
@@ -0,0 +1,60 @@
+---
+stage: none
+group: unassigned
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
+description: 'Learn how to use and administer GitLab, the most scalable Git-based fully integrated platform for software development.'
+---
+
+# GitLab: The DevSecOps platform
+
+ DevSecOps is a combination of development, security, and operations.
+ It is an approach to software development that integrates security throughout the development lifecycle.
+
+## DevSecOps compared to DevOps
+
+DevOps combines development and operations, with the intent to increase the efficiency,
+speed, and security of software development and delivery.
+
+DevOps means working together to conceive, build, and deliver secure software at top speed.
+DevOps practices include automation, collaboration, fast feedback, and iterative improvement.
+
+DevSecOps is an evolution of DevOps. DevSecOps includes application security practices in every stage of software development.
+
+Throughout the development process, tools and methods protect and monitor your live applications.
+New attack surfaces, like containers and orchestrators, must also be monitored and protected.
+DevSecOps tools automate security workflows to create an adaptable process for your development
+and security teams, improving collaboration and breaking down silos.
+By embedding security into the software development lifecycle, you can consistently secure fast-moving
+and iterative processes, improving efficiency without sacrificing quality.
+
+## DevSecOps fundamentals
+
+DevSecOps fundamentals include:
+
+- Automation
+- Collaboration
+- Policy guardrails
+- Visibility
+
+For details, see [this article about DevSecOps](https://about.gitlab.com/topics/devsecops/).
+
+## Is DevSecOps right for you?
+
+If your organization is facing any of the following challenges, a DevSecOps approach might be for you.
+
+- **Development, security, and operations teams are siloed.**
+ If development and operations are isolated from security issues,
+ they can't build secure software. And if security teams aren't part of the development process,
+ they can't identify risks proactively. DevSecOps brings teams together to improve workflows
+ and share ideas. Organizations might even see improved employee morale and retention.
+
+- **Long development cycles are making it difficult to meet customer or stakeholder demands.**
+ One reason for the struggle could be security. DevSecOps implements security at every step of
+ the development lifecycle, meaning that solid security doesn’t require the whole process to come to a halt.
+
+- **You’re migrating to the cloud (or considering it).**
+ Moving to the cloud often means bringing on new development processes, tools, and systems.
+ It’s a great time to make processes faster and more secure — and DevSecOps could make that a lot easier.
+
+To get started with DevSecOps,
+[learn more, and try GitLab Ultimate for free](https://about.gitlab.com/solutions/security-compliance/).
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-15 12:33:05 +0300