DevSecOps is a journey
Traditionally, Security has been a "gatekeeper" in the completion of software development, much like Operations was before DevOps. The "Sec" in "DevSecOps" makes the collaboration and shift in responsibility explicit. In a DevSecOps culture, every agile team has a security expert. He fulfills non-functional requirements (such as data classification and other parts of the risk analysis), so the product owner includes security in the development plan. He also provides support and tools (ideally shared with all product development teams) for secure development and operational practices.
Read our latest whitepaper to learn key insights on how to successfully and efficiently implement DevSecOps, what security components are needed to make it happen, and the benefits of a microgateway architecture.