{"id":46,"date":"2025-05-20T13:12:57","date_gmt":"2025-05-20T13:12:57","guid":{"rendered":"https:\/\/devsecopsschool.com\/blog\/?p=46"},"modified":"2025-05-20T13:12:57","modified_gmt":"2025-05-20T13:12:57","slug":"agile-security-in-the-context-of-devsecops","status":"publish","type":"post","link":"https:\/\/devsecopsschool.com\/blog\/agile-security-in-the-context-of-devsecops\/","title":{"rendered":"Agile Security in the Context of DevSecOps"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">Introduction &amp; Overview<\/h2>\n\n\n\n<p>In the evolving landscape of software development, security can no longer be an afterthought. As organizations increasingly adopt Agile and DevOps methodologies to accelerate delivery cycles, integrating security seamlessly into the process becomes essential. This is where <strong>Agile Security<\/strong> comes into play\u2014bringing a flexible, iterative, and collaborative approach to building secure systems. In the context of <strong>DevSecOps<\/strong>, Agile Security aligns perfectly by embedding security practices throughout the development lifecycle.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">What is Agile Security?<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Definition<\/h3>\n\n\n\n<p>Agile Security is the application of Agile principles to cybersecurity processes. It focuses on incorporating security at every phase of software development without slowing down delivery.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">History \/ Background<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Emerged as a response to traditional security models that were rigid and slow.<\/li>\n\n\n\n<li>Evolved alongside Agile and DevOps to form part of the <strong>DevSecOps<\/strong> movement.<\/li>\n\n\n\n<li>Rooted in the idea of <strong>&#8220;shift-left security&#8221;<\/strong>\u2014bringing security earlier in the development process.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Relevance in DevSecOps<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>DevSecOps extends DevOps by adding <strong>security as a shared responsibility<\/strong>.<\/li>\n\n\n\n<li>Agile Security ensures security is built into the CI\/CD pipeline, enabling <strong>continuous security testing<\/strong>.<\/li>\n\n\n\n<li>Reduces cost and risk by <strong>catching vulnerabilities early<\/strong>.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">Core Concepts &amp; Terminology<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Key Terms<\/h3>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Term<\/th><th>Definition<\/th><\/tr><\/thead><tbody><tr><td>Shift-Left<\/td><td>Practice of integrating security early in the SDLC<\/td><\/tr><tr><td>Threat Modeling<\/td><td>Identifying and mitigating potential threats in the system<\/td><\/tr><tr><td>CI\/CD<\/td><td>Continuous Integration and Continuous Delivery<\/td><\/tr><tr><td>SAST<\/td><td>Static Application Security Testing<\/td><\/tr><tr><td>DAST<\/td><td>Dynamic Application Security Testing<\/td><\/tr><tr><td>SBOM<\/td><td>Software Bill of Materials, crucial for software supply chain security<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">Fit in DevSecOps Lifecycle<\/h3>\n\n\n\n<p>Agile Security is present in every stage:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Plan<\/strong>: Threat modeling, secure design principles<\/li>\n\n\n\n<li><strong>Develop<\/strong>: Secure coding practices, SAST<\/li>\n\n\n\n<li><strong>Build<\/strong>: Dependency scanning, automated tests<\/li>\n\n\n\n<li><strong>Test<\/strong>: DAST, fuzz testing<\/li>\n\n\n\n<li><strong>Release<\/strong>: Compliance checks, audit logs<\/li>\n\n\n\n<li><strong>Deploy<\/strong>: Infrastructure as Code (IaC) scanning, runtime protection<\/li>\n\n\n\n<li><strong>Operate<\/strong>: Monitoring, incident response<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">Architecture &amp; How It Works<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Components<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Security Champions<\/strong>: Embedded in Agile teams<\/li>\n\n\n\n<li><strong>Automated Security Tools<\/strong>: SAST, DAST, container scanning<\/li>\n\n\n\n<li><strong>Threat Intelligence Feeds<\/strong>: For real-time threat detection<\/li>\n\n\n\n<li><strong>Secure CI\/CD Pipelines<\/strong>: With policy gates and approvals<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Internal Workflow<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Developer commits code<\/li>\n\n\n\n<li>SAST tools analyze the code<\/li>\n\n\n\n<li>CI pipeline scans for vulnerabilities<\/li>\n\n\n\n<li>Results fed back to developers with actionable insights<\/li>\n\n\n\n<li>Security tests run in staging<\/li>\n\n\n\n<li>DAST tools test the running app<\/li>\n\n\n\n<li>Compliance reports generated pre-release<\/li>\n<\/ol>\n\n\n\n<h3 class=\"wp-block-heading\">Architecture Diagram (Described)<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>&#091;Developer] \u2192 &#091;Code Repo] \u2192 &#091;CI\/CD Pipeline]\n                       \u2193\n           &#091;SAST \/ Dependency Scanner]\n                       \u2193\n            &#091;DAST in QA \/ Staging]\n                       \u2193\n               &#091;Security Dashboard]\n                       \u2193\n                &#091;Production Release]\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Integration Points<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>GitHub Actions \/ GitLab CI<\/strong>: Trigger scans on PRs<\/li>\n\n\n\n<li><strong>Jenkins Plugins<\/strong>: Integrate SAST\/DAST tools<\/li>\n\n\n\n<li><strong>Cloud Tools<\/strong>: AWS Inspector, Azure Security Center<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">Installation &amp; Getting Started<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Prerequisites<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Basic understanding of DevOps tools (Git, Jenkins\/GitHub Actions)<\/li>\n\n\n\n<li>Access to a code repository<\/li>\n\n\n\n<li>Docker installed (for some security tools)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Step-by-Step Setup Guide<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\">Example: Adding SAST to GitHub Actions<\/h4>\n\n\n\n<pre class=\"wp-block-code\"><code>name: Code Scanning\non: &#091;push]\njobs:\n  scan:\n    runs-on: ubuntu-latest\n    steps:\n      - name: Checkout code\n        uses: actions\/checkout@v2\n\n      - name: Run SAST with CodeQL\n        uses: github\/codeql-action\/init@v2\n        with:\n          languages: javascript\n\n      - name: Perform CodeQL Analysis\n        uses: github\/codeql-action\/analyze@v2\n<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\">Container Scanning with Trivy<\/h4>\n\n\n\n<pre class=\"wp-block-code\"><code># Install Trivy\nbrew install aquasecurity\/trivy\/trivy\n\n# Scan Docker image\ntrivy image myapp:latest\n<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">Real-World Use Cases<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">1. FinTech Security Compliance<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Automated scans ensure PCI-DSS compliance<\/li>\n\n\n\n<li>Real-time alerts on OWASP Top 10 violations<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">2. Healthcare Application<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>HIPAA-aligned access logging and encryption checks<\/li>\n\n\n\n<li>Infrastructure as Code scanned for misconfigurations<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">3. E-Commerce Deployment<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>CI\/CD pipelines enforce policy gates<\/li>\n\n\n\n<li>Open-source dependencies checked for CVEs (Common Vulnerabilities and Exposures)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">4. Government Systems<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>SBOMs generated for software transparency<\/li>\n\n\n\n<li>Threat modeling integrated with Jira<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">Benefits &amp; Limitations<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Benefits<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Early Risk Detection<\/strong>: Fix issues early in the SDLC<\/li>\n\n\n\n<li><strong>Automation-Friendly<\/strong>: Works seamlessly in CI\/CD pipelines<\/li>\n\n\n\n<li><strong>Improved Collaboration<\/strong>: Developers, Ops, and Security work together<\/li>\n\n\n\n<li><strong>Scalability<\/strong>: Can scale with microservices and cloud-native apps<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Limitations<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Tool Overload<\/strong>: Too many tools can overwhelm teams<\/li>\n\n\n\n<li><strong>Learning Curve<\/strong>: Developers need security training<\/li>\n\n\n\n<li><strong>False Positives<\/strong>: Noise from low-severity issues<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">Best Practices &amp; Recommendations<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Security Tips<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Automate everything: from scanning to reporting<\/li>\n\n\n\n<li>Enforce code reviews with a security checklist<\/li>\n\n\n\n<li>Use role-based access control (RBAC)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Performance &amp; Maintenance<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Periodically review scan configurations<\/li>\n\n\n\n<li>Rotate API keys and secrets<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Compliance &amp; Automation<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Automate SBOM generation and audits<\/li>\n\n\n\n<li>Integrate compliance frameworks (e.g., NIST, ISO 27001)<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">Comparison with Alternatives<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Feature<\/th><th>Agile Security<\/th><th>Traditional Security<\/th><th>DevOps without Security<\/th><\/tr><\/thead><tbody><tr><td>Speed<\/td><td>High<\/td><td>Low<\/td><td>High<\/td><\/tr><tr><td>Security Coverage<\/td><td>High<\/td><td>High<\/td><td>Low<\/td><\/tr><tr><td>Developer Involvement<\/td><td>High<\/td><td>Low<\/td><td>Medium<\/td><\/tr><tr><td>Automation<\/td><td>Yes<\/td><td>Minimal<\/td><td>Yes<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">When to Choose Agile Security<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Teams using Agile or DevOps methodologies<\/li>\n\n\n\n<li>Projects with fast release cycles<\/li>\n\n\n\n<li>Organizations aiming for compliance and automation<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">Conclusion<\/h2>\n\n\n\n<p>Agile Security is not just a set of tools\u2014it\u2019s a mindset shift. It brings together developers, operations, and security teams to deliver secure software faster. As threats evolve and compliance becomes stricter, integrating Agile Security into your DevSecOps pipeline is not optional\u2014it\u2019s essential.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Next Steps<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Start with small security automation<\/li>\n\n\n\n<li>Train developers in secure coding<\/li>\n\n\n\n<li>Join communities and forums to stay updated<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Resources<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/owasp.org\/www-project-devsecops-guideline\/\">OWASP DevSecOps Guidelines<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/docs.github.com\/en\/code-security\/code-scanning\">GitHub Code Scanning Docs<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/www.cncf.io\/tag\/security\/\">CNCF Security Resources<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/www.reddit.com\/r\/devsecops\/\">DevSecOps Community on Reddit<\/a><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Introduction &amp; Overview In the evolving landscape of software development, security can no longer be an afterthought. As organizations increasingly adopt Agile and DevOps methodologies to accelerate delivery cycles, integrating security seamlessly into the process becomes essential. This is where Agile Security comes into play\u2014bringing a flexible, iterative, and collaborative approach to building secure systems. &#8230; <a title=\"Agile Security in the Context of DevSecOps\" class=\"read-more\" href=\"https:\/\/devsecopsschool.com\/blog\/agile-security-in-the-context-of-devsecops\/\" aria-label=\"Read more about Agile Security in the Context of DevSecOps\">Read more<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-46","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Agile Security in the Context of DevSecOps - DevSecOps School<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/devsecopsschool.com\/blog\/agile-security-in-the-context-of-devsecops\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Agile Security in the Context of DevSecOps - DevSecOps School\" \/>\n<meta property=\"og:description\" content=\"Introduction &amp; Overview In the evolving landscape of software development, security can no longer be an afterthought. As organizations increasingly adopt Agile and DevOps methodologies to accelerate delivery cycles, integrating security seamlessly into the process becomes essential. This is where Agile Security comes into play\u2014bringing a flexible, iterative, and collaborative approach to building secure systems. ... Read more\" \/>\n<meta property=\"og:url\" content=\"https:\/\/devsecopsschool.com\/blog\/agile-security-in-the-context-of-devsecops\/\" \/>\n<meta property=\"og:site_name\" content=\"DevSecOps School\" \/>\n<meta property=\"article:published_time\" content=\"2025-05-20T13:12:57+00:00\" \/>\n<meta name=\"author\" content=\"pritesh k\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"pritesh k\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/devsecopsschool.com\/blog\/agile-security-in-the-context-of-devsecops\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/devsecopsschool.com\/blog\/agile-security-in-the-context-of-devsecops\/\"},\"author\":{\"name\":\"pritesh k\",\"@id\":\"https:\/\/devsecopsschool.com\/blog\/#\/schema\/person\/7e884a8b201ba380e56441154dbedbc6\"},\"headline\":\"Agile Security in the Context of DevSecOps\",\"datePublished\":\"2025-05-20T13:12:57+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/devsecopsschool.com\/blog\/agile-security-in-the-context-of-devsecops\/\"},\"wordCount\":729,\"commentCount\":1,\"inLanguage\":\"en\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/devsecopsschool.com\/blog\/agile-security-in-the-context-of-devsecops\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/devsecopsschool.com\/blog\/agile-security-in-the-context-of-devsecops\/\",\"url\":\"https:\/\/devsecopsschool.com\/blog\/agile-security-in-the-context-of-devsecops\/\",\"name\":\"Agile Security in the Context of DevSecOps - DevSecOps School\",\"isPartOf\":{\"@id\":\"https:\/\/devsecopsschool.com\/blog\/#website\"},\"datePublished\":\"2025-05-20T13:12:57+00:00\",\"author\":{\"@id\":\"https:\/\/devsecopsschool.com\/blog\/#\/schema\/person\/7e884a8b201ba380e56441154dbedbc6\"},\"breadcrumb\":{\"@id\":\"https:\/\/devsecopsschool.com\/blog\/agile-security-in-the-context-of-devsecops\/#breadcrumb\"},\"inLanguage\":\"en\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/devsecopsschool.com\/blog\/agile-security-in-the-context-of-devsecops\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/devsecopsschool.com\/blog\/agile-security-in-the-context-of-devsecops\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/devsecopsschool.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Agile Security in the Context of DevSecOps\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/devsecopsschool.com\/blog\/#website\",\"url\":\"https:\/\/devsecopsschool.com\/blog\/\",\"name\":\"DevSecOps School\",\"description\":\"DevSecOps Redefined\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/devsecopsschool.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/devsecopsschool.com\/blog\/#\/schema\/person\/7e884a8b201ba380e56441154dbedbc6\",\"name\":\"pritesh k\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en\",\"@id\":\"https:\/\/devsecopsschool.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/231a0e8b7a02636f2fbacf8dcf4494cb1cc0d49ecc9a8165fbaeaeeaf102641a?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/231a0e8b7a02636f2fbacf8dcf4494cb1cc0d49ecc9a8165fbaeaeeaf102641a?s=96&d=mm&r=g\",\"caption\":\"pritesh k\"},\"url\":\"https:\/\/devsecopsschool.com\/blog\/author\/priteshgeek\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Agile Security in the Context of DevSecOps - DevSecOps School","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/devsecopsschool.com\/blog\/agile-security-in-the-context-of-devsecops\/","og_locale":"en_US","og_type":"article","og_title":"Agile Security in the Context of DevSecOps - DevSecOps School","og_description":"Introduction &amp; Overview In the evolving landscape of software development, security can no longer be an afterthought. As organizations increasingly adopt Agile and DevOps methodologies to accelerate delivery cycles, integrating security seamlessly into the process becomes essential. This is where Agile Security comes into play\u2014bringing a flexible, iterative, and collaborative approach to building secure systems. ... Read more","og_url":"https:\/\/devsecopsschool.com\/blog\/agile-security-in-the-context-of-devsecops\/","og_site_name":"DevSecOps School","article_published_time":"2025-05-20T13:12:57+00:00","author":"pritesh k","twitter_card":"summary_large_image","twitter_misc":{"Written by":"pritesh k","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/devsecopsschool.com\/blog\/agile-security-in-the-context-of-devsecops\/#article","isPartOf":{"@id":"https:\/\/devsecopsschool.com\/blog\/agile-security-in-the-context-of-devsecops\/"},"author":{"name":"pritesh k","@id":"https:\/\/devsecopsschool.com\/blog\/#\/schema\/person\/7e884a8b201ba380e56441154dbedbc6"},"headline":"Agile Security in the Context of DevSecOps","datePublished":"2025-05-20T13:12:57+00:00","mainEntityOfPage":{"@id":"https:\/\/devsecopsschool.com\/blog\/agile-security-in-the-context-of-devsecops\/"},"wordCount":729,"commentCount":1,"inLanguage":"en","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/devsecopsschool.com\/blog\/agile-security-in-the-context-of-devsecops\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/devsecopsschool.com\/blog\/agile-security-in-the-context-of-devsecops\/","url":"https:\/\/devsecopsschool.com\/blog\/agile-security-in-the-context-of-devsecops\/","name":"Agile Security in the Context of DevSecOps - DevSecOps School","isPartOf":{"@id":"https:\/\/devsecopsschool.com\/blog\/#website"},"datePublished":"2025-05-20T13:12:57+00:00","author":{"@id":"https:\/\/devsecopsschool.com\/blog\/#\/schema\/person\/7e884a8b201ba380e56441154dbedbc6"},"breadcrumb":{"@id":"https:\/\/devsecopsschool.com\/blog\/agile-security-in-the-context-of-devsecops\/#breadcrumb"},"inLanguage":"en","potentialAction":[{"@type":"ReadAction","target":["https:\/\/devsecopsschool.com\/blog\/agile-security-in-the-context-of-devsecops\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/devsecopsschool.com\/blog\/agile-security-in-the-context-of-devsecops\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/devsecopsschool.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Agile Security in the Context of DevSecOps"}]},{"@type":"WebSite","@id":"https:\/\/devsecopsschool.com\/blog\/#website","url":"https:\/\/devsecopsschool.com\/blog\/","name":"DevSecOps School","description":"DevSecOps Redefined","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/devsecopsschool.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en"},{"@type":"Person","@id":"https:\/\/devsecopsschool.com\/blog\/#\/schema\/person\/7e884a8b201ba380e56441154dbedbc6","name":"pritesh k","image":{"@type":"ImageObject","inLanguage":"en","@id":"https:\/\/devsecopsschool.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/231a0e8b7a02636f2fbacf8dcf4494cb1cc0d49ecc9a8165fbaeaeeaf102641a?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/231a0e8b7a02636f2fbacf8dcf4494cb1cc0d49ecc9a8165fbaeaeeaf102641a?s=96&d=mm&r=g","caption":"pritesh k"},"url":"https:\/\/devsecopsschool.com\/blog\/author\/priteshgeek\/"}]}},"_links":{"self":[{"href":"https:\/\/devsecopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/46","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devsecopsschool.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devsecopsschool.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devsecopsschool.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/devsecopsschool.com\/blog\/wp-json\/wp\/v2\/comments?post=46"}],"version-history":[{"count":1,"href":"https:\/\/devsecopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/46\/revisions"}],"predecessor-version":[{"id":47,"href":"https:\/\/devsecopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/46\/revisions\/47"}],"wp:attachment":[{"href":"https:\/\/devsecopsschool.com\/blog\/wp-json\/wp\/v2\/media?parent=46"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devsecopsschool.com\/blog\/wp-json\/wp\/v2\/categories?post=46"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devsecopsschool.com\/blog\/wp-json\/wp\/v2\/tags?post=46"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}