Today, everybody talks about DevOps, digitalization, business transformation and many more scary words. Digital transformation has found its way into security development, disrupting the cosy world of relying on static analysis before releases and leading many to question the necessity to transform AppSec in the same key.
In our report we will try to explain the principles of DevSecOps and the way we see it, as well as the ways in which it differs to the classical model of security. The report contains many examples, demonstrations and script codes to understand how it all really works. Using an imaginary organization, we will offer a solution to handle it without being neck-deep in task management.