Xhesika Ramaj scite author profile

Xhesika Ramaj

4Publications

3Citation Statements Received

0Citation Statements Given

How they've been cited

How they cite others

Affiliations

Østfold University College

Publications

Order By: Most citations

Holding on to Compliance While Adopting DevSecOps: An SLR

et al. 2022

View full text Add to dashboard Cite

The software industry has witnessed a growing interest in DevSecOps due to the premises of integrating security in the software development lifecycle. However, security compliance cannot be disregarded, given the importance of adherence to regulations, laws, industry standards, and frameworks. This study aims to provide an overview of compliance aspects in the context of DevSecOps and explore how compliance is ensured. Furthermore, this study reveals the trends of compliance according to the extant literature and identifies potential directions for further research in this context. Therefore, we carried out a systematic literature review on the integration of compliance aspects in DevSecOps, which rigorously followed the guidelines proposed by Kitchenham and Charters. We found 934 articles related to the topic by searching five bibliographic databases (163) and Google Scholar (771). Through a rigorous selection process, we selected 15 papers as primary studies. Then, we identified the compliance aspects of DevSecOps and grouped them into three main categories: compliance initiation, compliance management, and compliance technicalities. We observed a low number of studies; therefore, we encourage further efforts into the exploration of compliance aspects, their automated integration, and the development of metrics to evaluate such a process in the context of DevSecOps.

show abstract

A DevSecOps-enabled Framework for Risk Management of Critical Infrastructures

Ramaj¹

2022

View full text Add to dashboard Cite

A DevSecOps-enabled framework for risk management of critical infrastructures

Ramaj

2022

View full text Add to dashboard Cite

Unveiling the Safety Aspects of DevSecOps: Evolution, Gaps and Trends

Ramaj

Sánchez‐Gordón

Chockalingam

et al. 2022

RACSC

View full text Add to dashboard Cite

Background: The popularity of DevSecOps is on the rise because it promises to integrate a greater degree of security into software delivery pipelines. However, there is also an unacceptable risk related to safety that cannot be overlooked, given the importance of this aspect in many industries. Objective: The objective of this study is to provide an overview of the safety aspects reported in the literature on DevSecOps. This study also characterizes such aspects and identifies the gaps that may lead to future research work. Method: A systematic literature review was conducted using five well-known academic databases. The search was executed in September 2021 and March 2022 to identify relevant studies. Results: The search returned 114 academic studies. After the screening process, five primary studies published between 2019 and 2021 were selected. These studies were analyzed thoroughly to identify the safety aspects. Then, we categorized them into three main groups: (i) risk-related safety aspects, (ii) human-related aspects, and (iii) management aspects. Conclusion: Safety is an important characteristic that is becoming more critical as the number of critical systems grows. This review reveals that only a scarce number of studies are focusing on safety in DevSecOps. However, those studies gave us some insights into this topic. Therefore, our main observation is that this topic has not yet been completely explored in the academic literature. This review can encourage reflection and discussion between the safety and security communities.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Xhesika Ramaj

Holding on to Compliance While Adopting DevSecOps: An SLR

A DevSecOps-enabled Framework for Risk Management of Critical Infrastructures

A DevSecOps-enabled framework for risk management of critical infrastructures

Unveiling the Safety Aspects of DevSecOps: Evolution, Gaps and Trends

Contact Info

Product

Resources

About