Draft:Practical DevSecOps

Submission declined on 21 June 2025 by CoconutOctopus (talk). This draft's references do not show that the subject qualifies for a Wikipedia article. In summary, the draft needs multiple published sources that are: in-depth (not just passing mentions about the subject) reliable secondary independent of the subject Make sure you add references that meet these criteria before resubmitting. Learn about mistakes to avoid when addressing this issue. If no additional references exist, the subject is not suitable for Wikipedia. If you would like to continue working on the submission, click on the "Edit" tab at the top of the window. If you have not resolved the issues listed above, your draft will be declined again and potentially deleted. If you need extra help, please ask us a question at the AfC Help Desk or get live help from experienced editors. Please do not remove reviewer comments or this notice until the submission is accepted. Where to get help If you need help editing or submitting your draft, please ask us a question at the AfC Help Desk or get live help from experienced editors. These venues are only for help with editing and the submission process, not to get reviews. If you need feedback on your draft, or if the review is taking a lot of time, you can try asking for help on the talk page of a relevant WikiProject. Some WikiProjects are more active than others so a speedy reply is not guaranteed. How to improve a draft Wikipedia:Contributing to Wikipedia – a basic overview on how to edit Wikipedia. Help:Wikitext – how to use the markup Help:Referencing for beginners – how to include references Wikipedia:Article development – how to develop your article Wikipedia:Writing better articles – how to improve your article Wikipedia:Verifiability – make sure your article includes reliable third-party sources You can also browse Wikipedia:Featured articles and Wikipedia:Good articles to find examples of Wikipedia's best writing on topics similar to your proposed article. Improving your odds of a speedy review To improve your odds of a faster review, tag your draft with relevant WikiProject tags using the button below. This will let reviewers know a new draft has been submitted in their area of interest. For instance, if you wrote about a female astronomer, you would want to add the Biography, Astronomy, and Women scientists tags. Add tags to your draft Editor resources Easy tools: Citation bot (help) | Advanced: Fix bare URLs Declined by CoconutOctopus 80 minutes ago. Last edited by CoconutOctopus 80 minutes ago. Reviewer: Inform author. Resubmit Please note that if the issues are not fixed, the draft will be declined again.

Submission declined on 21 June 2025 by MCE89 (talk). This draft's references do not show that the subject qualifies for a Wikipedia article. In summary, the draft needs multiple published sources that are: in-depth (not just brief mentions about the subject or routine announcements) reliable secondary strictly independent of the subject Make sure you add references that meet all four of these criteria before resubmitting. Learn about mistakes to avoid when addressing this issue. If no additional references exist, the subject is not suitable for Wikipedia. Declined by MCE89 8 hours ago.

Submission declined on 20 June 2025 by Rambley (talk). This draft's references do not show that the subject qualifies for a Wikipedia article. In summary, the draft needs multiple published sources that are: in-depth (not just brief mentions about the subject or routine announcements) reliable secondary strictly independent of the subject Make sure you add references that meet all four of these criteria before resubmitting. Learn about mistakes to avoid when addressing this issue. If no additional references exist, the subject is not suitable for Wikipedia. Declined by Rambley 24 hours ago.

Submission declined on 20 June 2025 by DoubleGrazing (talk). This submission is not adequately supported by reliable sources. Reliable sources are required so that information can be verified. If you need help with referencing, please see Referencing for beginners and Citing sources. This draft's references do not show that the subject qualifies for a Wikipedia article. In summary, the draft needs multiple published sources that are: in-depth (not just brief mentions about the subject or routine announcements) reliable secondary strictly independent of the subject Make sure you add references that meet all four of these criteria before resubmitting. Learn about mistakes to avoid when addressing this issue. If no additional references exist, the subject is not suitable for Wikipedia. Declined by DoubleGrazing 26 hours ago.

Practical DevSecOps is a methodology focused on the hands-on implementation of security practices within the DevOps lifecycle. It translates the philosophy of DevSecOps into actionable processes, integrating security tools and workflows directly into the continuous integration and continuous delivery (CI/CD) pipeline. The core objective is to automate security measures to ensure the rapid and secure delivery of software, making security a shared responsibility among development, security, and operations teams.^[1]

Practical DevSecOps is built on several key principles that extend DevOps culture and practices to fully integrate security.

• Shifting Security Left: This principle involves integrating security considerations into the earliest stages of the software development lifecycle. Instead of treating security as a final check, it is addressed from the design and coding phases.^[1]
• Security as Code: Security policies, compliance checks, and infrastructure configurations are defined and managed as code. This allows security processes to be versioned, tested, and automated, making them repeatable and auditable.^[2]
• Continuous Security: This involves the automation of security testing and monitoring throughout the CI/CD pipeline. It includes a variety of automated tests, such as static application security testing (SAST), dynamic application security testing (DAST), and software composition analysis (SCA).^[3]
• Shared Responsibility Culture: A fundamental cultural shift where everyone involved in the software lifecycle—from developers to operations engineers—is accountable for security. This is often supported by creating roles like "security champions" within development teams.^[1]

The implementation of Practical DevSecOps involves specific practices and tools at each stage of the development lifecycle.^[4][5]

The importance of integrating security into DevOps has been emphasized by industry analysts. Gartner defines DevSecOps as essential for managing risk while achieving the agility of DevOps,^[6] and the overall DevSecOps market is projected to grow significantly, driven by the need for secure and rapid application development.^[7]

This demand has led to a rise in specialized training and certification programs designed to equip professionals with practical skills.

Several organizations offer training and certifications in this field. Prominent examples include SANS Institute, which offers courses on cloud security and DevSecOps automation,^[8] and the EC-Council's Certified DevSecOps Engineer program.^[9]

A notable company in this niche is Practical DevSecOps, a training organization founded by Imran Mohammed.^[10] The company, identified as a portfolio company of Aurelia Ventures,^[11] focuses on providing vendor-neutral, hands-on certification programs.^[12]

The company's certifications, such as the Certified DevSecOps Professional (CDP), are noted for their rigorous, practical exams that can last 12 hours or more.^[13] These certifications have been recognized in industry blog rankings^[14][15] and are mentioned as benchmarks in other training materials.^[16] The founder frequently speaks at international security conferences such as OWASP, Nullcon, and Hack In The Box on DevSecOps topics.^[10][17] Independent user reviews can be found on platforms like G2.^[18]

• Application security
• Continuous integration
• DevOps
• DevSecOps
• Infrastructure as Code
• Shift-left testing