Carnegie Mellon University
Browse

A Practitioner-Focused DevSecOps Assessment Approach

Download (116.35 kB)
online resource
posted on 2025-07-14, 17:59 authored by Aaron ReffettAaron Reffett, Timothy ChickTimothy Chick
<p dir="ltr">There are a myriad of overlapping influences that can cause dysfunction within a DevSecOps enterprise. Looking from the outside it can be difficult to peel back the layers and effectively find the major causes. This blog post from the Carnegie Mellon University Software Engineering Institute focuses on how to conduct a DevSecOps assessment with an approach that uses four methodologies to analyze an enterprise from the perspective of the practitioner using the tools and processes to build and deliver valuable software. Taking the perspective of the practitioner allows the assessment team to surface the most immediately relevant challenges facing the enterprise.</p>

History

Related Materials

  1. 1.
    DOI - Is original form of SEI blog

Publisher Statement

NO WARRANTY. THIS CARNEGIE MELLON UNIVERSITY AND SOFTWARE ENGINEERING INSTITUTE MATERIAL IS FURNISHED ON AN "AS-IS" BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT. [DISTRIBUTION STATEMENT A] This material has been approved for public release and unlimited distribution. Please see Copyright notice for non-US Government use and distribution.

Copyright Statement

Copyright 2025 Carnegie Mellon University.

Usage metrics

    Categories

    Keywords

    DevSecOpsMission AssuranceContinuous Deployment of Capabilityblog post

    Licence

    In Copyright

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC