Skip to content

Commit

Permalink
Updates
Browse files Browse the repository at this point in the history
  • Loading branch information
sottlmarek authored Nov 23, 2021
1 parent 1bc7571 commit 9e31844
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions devsecopsmanifesto.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ DEVSECOPS MANIFESTO

With DevSecOps, part of the architecture can be captured as a code. Centralized configuration management and infrastructure are widely used as a code. Even the compliance and audit can and must be standardised in structured language.

Structured languages that are used to configure databases, firewalls, servers, applications, or containers, must be readable. Architectural standards, such as CIS benchmarks, are defined only once, and the code is automatically distributed and configured on all architectural components of specific type. A high degree of automation is critical parameter to security in agile environments. The DevSecOps toolkit provides a complete process of deploying and installing IT systems in a controlled manner.
Structured languages that are used to configure databases, firewalls, servers, applications, or containers, must be readable. Architectural standards are defined only once and evolving based on the need of internal or external customers, and the code is automatically distributed and configured on all architectural components of specific type. A high degree of automation is critical parameter to security in agile environments. The DevSecOps toolkit provides a complete process of deploying and installing IT systems in a controlled manner.

* Interaction between people is a must.
* Security must work as a Business enabler
Expand All @@ -13,6 +13,6 @@ Structured languages that are used to configure databases, firewalls, servers, a
* Security is a priority for delivering high-quality software and architecture as a code.
* Security is functional requirement.
* Teams must share knowledge in information and cyber security for growth
* overall maturity of community resulting into guild.
* Overall maturity of community resulting into guild.
* Automation and security coding is a long-term goal for architecture as a code.
* Security artefacts must be self-documented.

0 comments on commit 9e31844

Please sign in to comment.