DevSecOps – Security in Fast Digital

Digital organisations aspire to be agile like Amazon and Netflix, to innovate, to adapt, and to remain resilient against the cyber security challenges we face in today’s digital world. Security needs to keep pace to enable an organisation’s accelerated IT delivery initiatives.


Many think the answer to security in fast-paced delivery (DevOps) is to implement new techniques such as automated code review and testing, microservices architecture, containerisation and cloud security tooling. In Capgemini, we believe this is only half of the story. A part that is often missed is the need to create a culture of security that keeps up with fast-paced delivery.  A culture of security should ensure new digital services are not just delivered quickly but also resilient and secure by design.

Our thinking is encompassed within four guiding principles for DevSecOps: Educate, Automate, Monitor and Iterate.

DevSecOps Guiding Principles: Educate, Automate, Monitor and Iterate


We believe a more holistic approach in addressing security in DevOps is needed, and we have distilled our vast experience and thought leadership into a quick, self-assessment questionnaire How Secure is Your DevOps? . In 5-8 minutes, whether you are a business or technology leader, we hope you pick up some useful ideas as you go through the questions.

At the end of the survey, you will be able to instantly download a diagnostics report – without having to enter your personal information. Besides giving you an indication on how you compare to other organisations, it will also provide you an idea on where to focus and start your organisation’s DevOps security maturity journey.

More of our thinking about DevSecOps can be found in the blog posts below and, if you want to get in touch, reach out to our expert Sandeep Kumar.


cyber security

The State of DevSecOps 2020

Global DevSecOps Insights Report 2020