Changes

DevSecOps stands for development, security, and operations. It's an approach to culture, automation, and platform design that integrates security as a shared responsibility throughout the entire IT lifecycle.  

DevSecOps stands for development, security, and operations. It's an approach to culture, automation, and platform design that integrates security as a shared responsibility throughout the entire IT lifecycle.  

[[File:Agile cycle.png|thumb|Agile-Devopscycle]]

[[File:Agile cycle.png|thumb|Agile-Devopscycle]]

'''DevSecOps CI/CD''' (ref https://public.cyber.mil/devsecops/) CI/CD is a DevOps tactic, which makes use of the right automated testing tools to implement agile development. Continuous Integration is an engineering practice in which members of a development team integrate their code at a very high frequency, detection of errors in code in the early stages. Continuous Delivery is the practice of ensuring that code is always in a deployable state. All code changes – new features, bug fixes, experiments, configuration changes – are always ready for deployment to a production environment with the right CI/CD tools in place.  Scale accordingly (to the size, complexity, and criticality of your project/product development cycle) The right fit automating as much as possible.  See software factory.  

'''DevSecOps CI/CD''' (ref https://public.cyber.mil/devsecops/) CI/CD is a DevOps tactic, which makes use of the right automated testing tools to implement agile development. Continuous Integration is an engineering practice in which members of a development team integrate their code at a very high frequency, detection of errors in code in the early stages. Continuous Delivery is the practice of ensuring that code is always in a deployable state. All code changes – new features, bug fixes, experiments, configuration changes – are always ready for deployment to a production environment with the right CI/CD tools in place.  Scale accordingly (to the size, complexity, and criticality of your project/product development cycle) The right fit automating as much as possible.  See software factory.  

Projects I have been on that were a success:

Projects I have been on that were a success:

1) https://ottawacitizen.com/news/national/defence-watch/canadian-surveillance-satellite-system-now-operational The data collection system Evolving 600 user stories (around 3000 derived requirements see page 75 https://buyandsell.gc.ca/cds/public/2013/05/29/be189bb4f50d214783a7d94d19a1364d/ABES.PROD.BK__XL.B100.E25308.EBSU000.PDF )  from key SMEs/stakeholders using focus groups, surveys, and continuous feedback.  

1) https://ottawacitizen.com/news/national/defence-watch/canadian-surveillance-satellite-system-now-operational The data collection system -evolving 600 user stories (around 3000 derived requirements see page 75 https://buyandsell.gc.ca/cds/public/2013/05/29/be189bb4f50d214783a7d94d19a1364d/ABES.PROD.BK__XL.B100.E25308.EBSU000.PDF )  from key SMEs/stakeholders using focus groups, surveys, and continuous feedback.  

2) https://ottawacitizen.com/news/national/rcmp-unveils-massive-border-security-project Evolving key scenarios to prove the concepts working with the field units empowering staff, adhering to the laws of each province, building small correcting mistakes quickly iteratively with prototypes  (Boeing failed https://www.zdnet.com/article/boeing-virtual-fence-30-billion-failure/)

2) https://ottawacitizen.com/news/national/rcmp-unveils-massive-border-security-project Evolving key scenarios to prove the concepts working with the field units empowering staff, adhering to the laws of each province, building small correcting mistakes quickly iteratively with prototypes  (Boeing failed https://www.zdnet.com/article/boeing-virtual-fence-30-billion-failure/)