web analytics

Strategies for the Integration of Software Supply Chain Security in DevSecOps CI/CD Pipelines

The predominant application architecture for cloud-native applications consists of multiple microservices with a centralized application infrastructure, such as a service mesh, that provides all application services. This class of applications is generally developed using a flexible and agile software development paradigm called DevSecOps. A salient feature of this paradigm is the use of flow processes called CI/CD pipelines, which initially take the software through various stages (e.g., build, test, package, and deploy) in the form of source code through operations that constitute the software supply chain (SSC). This document outlines strategies for integrating SSC security measures into CI/CD pipelines.


advisor pick´S post

More Latest Published Posts