Software security risk management in DEVOPS methodology

Вантажиться...
Ескіз

Дата

2021

Науковий керівник

Назва журналу

Номер ISSN

Назва тому

Видавець

Igor Sikorsky Kyiv Polytechnic Institute

Анотація

It’s impossible to talk about cloud technologies, modern applications and, in general, digital transformation, and not to mention security. The same applies to software development, in particular the DevOps methodology. DevOps is a software development methodology that focuses on communication, integration, and collaboration between IT professionals ensuring rapid product deployment. DevOps practice reflects the idea of continuous improvement and automation. Many practices are designed for one or more stages of the development cycle. Three hundred hours spent on software development can be wasted in just 30 seconds, if only one defect during operation is detected. This, subsequently, can ruin reputation of the whole product, and as a result there will be no choice but to simply remove it from the market. And this establishes the importance and necessity of quality control. To ensure quality of software products during development risk management should be used at every stage of the DevOps lifecycle. Implementing DevOps without paying attention to security will definitely increase risks of attacks. Risk is the occurrence of an uncertain event that positively or negatively affects measured criteria of project success. These can be events that have happened in the past or current events, or something that may happen in the future. These uncertain events can affect target, business, technical and qualitative objectives of the project.

Опис

Ключові слова

risk management, Product Security, Vulnerability Search, Development Methodology, DevOps

Бібліографічний опис

Kolisnichenko, O. Software security risk management in DEVOPS methodology / Olga Kolisnichenko, Mykhailo Kolomytsev, Svitlana Nosok // Theoretical and Applied Cybersecurity : scientific journal. – 2021. – Vol. 3, Iss. 1. – Pp. 75–77. – Bibliogr.: 6 ref.