Sok: Zero Trust as a Strategy to Address Devsecops Challenges

  • Anita Nair
  • , SERENA NICOLAZZO
  • , Antonino Nocera
  • , K. A. Rafidha Rehiman
  • , P. Vinod

Risultato della ricerca: Contributo alla conferenzaContributo in Atti di Convegnopeer review

Abstract

Over recent years, Development, Security, and Operations (DevSecOps, hereafter) has evolved as a unique shift-left strategy that integrates security practices, early on in the Development and Operations (DevOps, for short) software development methodology. However, DevSecOps is not devoid of challenges. Insecure tools and insider attacks are some of the threats that can escape the security controls enforced in DevSecOps pipelines. In this paper, we analyze the possibility of embedding Zero Trust into the organization's developer workflow as a strategy to further secure DevSecOps by removing the implicit trust among the various components of the pipelines. Based on a systematic review of the present literature and for each phase of the DevSecOps life cycle, we evaluated the possible integration of current ZTA approaches.
Lingua originaleInglese
Pagine546-554
Numero di pagine9
DOI
Stato di pubblicazionePubblicato - 2025
Evento10th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2025 - Ca'Foscari University, ita
Durata: 1 gen 2025 → …

???event.eventtypes.event.conference???

???event.eventtypes.event.conference???10th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2025
CittàCa'Foscari University, ita
Periodo1/01/25 → …

Keywords

  • CI/CD Pipeline security
  • DevSecOps
  • Zero Trust Architecture
  • ZTA

Accesso al documento

Altri file e collegamenti

Fingerprint

Entra nei temi di ricerca di 'Sok: Zero Trust as a Strategy to Address Devsecops Challenges'. Insieme formano una fingerprint unica.
Visualizza la fingerprint completa

Cita questo