Security Impacts of Sub-Optimal DevSecOps Implementations in a Highly Regulated Environment

Abstract

Contents include: Study overview; DevSecOps Security Concerns; Examples of Security Threats; Available Software Security Tools; Incomplete Development Environments; Lack of Environment Parity; Testing Did Not Reflect Production; Contract Objective > Development Goals; Security Not a Priority; Summary.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jan 01, 2020
Accession Number
AD1110310

Entities

People

  • Aaron Volkmann
  • Hasan Yaşar
  • Jose A. Morales
  • Joseph Yankel
  • Thomas P. Scanlon

Organizations

  • Carnegie Mellon University

Tags

DTIC Thesaurus Topics

  • Computer Programming
  • Computer Programs
  • Contracts
  • Copyrights
  • Department Of Defense
  • Engineering
  • Environment
  • Governments
  • Guarantees
  • Materials
  • Model Based Systems Engineering
  • National Governments
  • Network Topology
  • Observation
  • Production
  • Security
  • Software Development
  • Software Testing
  • Systems Engineering
  • Technical Debt
  • United States Government
  • Universities

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Distributed Systems and Data Platform Development
  • Software Engineering.