Abstract
We present an overview of DevSecOps frameworks for the Software Development Lifecycle and their current limitations. At the end of the paper we present a new framework for more precise assessment of DevSecOps maturity. Unlike other frameworks, which leverage various components of governance, compliance, and risk-based assessment with convoluted parameters that can’t be applied to a lifecycle across the board, the proposed framework simplifies the process so that it could apply to any system. It concentrates on five key questions; the ability to answer them would dictate the areas for development and guide a software team's work for several quarters ahead.
