A Machine Learning Based Secure Change Management

“…Security practices in DevSecOps involve the security of the application and the security of infrastructure from the beginning [1]. This practice makes the selection of the right tools necessary from the initial stage itself.…”

“…However, the DevSecOps transformation means more than just automation. This transformation also affects other pillars of DevOps such as Culture, Measurement and Sharing of knowledge based on the CAMS principle [1], [29], [30]. Furthermore, this change will improve the close collaboration between development, operations and security teams besides the tools, practices and strategies in an organisation [12], [23].…”

“…In the DevSecOps approach, automation practice is considered necessary to minimize manual work and reduce bottleneck issues. Automation of continuous monitoring of the application and overall health of infrastructure is considered best practice in DevSecOps measurement [1]. In addition, the software systems can become quite complex over time, and it is virtually impossible to check the metrics manually; this includes information such as logging data generated by the software.…”

“…In pursuit of agility and velocity to the market with a security focus, the software teams embrace DevSecOps [1]. Companies favour cloud-native environments for their De-vSecOps teams.…”

“…First, if the measurement adoption happens without automation, the process will become complicated and the scaling up will slow down the overall process. Secondly, without continuous monitoring, the measurement results will not improve the overall situation of the DevSecOps teams since the results will be delayed [1]. Therefore, the organisation has to take concrete steps to reach the goal of automated measurement.…”

Monitoring solution for cloud-native DevSecOps

“…Security practices in DevSecOps involve the security of the application and the security of infrastructure from the beginning [1]. This practice makes the selection of the right tools necessary from the initial stage itself.…”

“…However, the DevSecOps transformation means more than just automation. This transformation also affects other pillars of DevOps such as Culture, Measurement and Sharing of knowledge based on the CAMS principle [1], [29], [30]. Furthermore, this change will improve the close collaboration between development, operations and security teams besides the tools, practices and strategies in an organisation [12], [23].…”

“…In the DevSecOps approach, automation practice is considered necessary to minimize manual work and reduce bottleneck issues. Automation of continuous monitoring of the application and overall health of infrastructure is considered best practice in DevSecOps measurement [1]. In addition, the software systems can become quite complex over time, and it is virtually impossible to check the metrics manually; this includes information such as logging data generated by the software.…”

“…In pursuit of agility and velocity to the market with a security focus, the software teams embrace DevSecOps [1]. Companies favour cloud-native environments for their De-vSecOps teams.…”

“…First, if the measurement adoption happens without automation, the process will become complicated and the scaling up will slow down the overall process. Secondly, without continuous monitoring, the measurement results will not improve the overall situation of the DevSecOps teams since the results will be delayed [1]. Therefore, the organisation has to take concrete steps to reach the goal of automated measurement.…”

Monitoring solution for cloud-native DevSecOps

A Blockchain-based Approach for Continuous Auditing in IT Change Management

Uma Abordagem de Auditoria Contínua com Blockchain para Gerenciamento de Mudanças em TI