DevSecOps has been described as "security as code", "a marriage of DevOps and Security" and "shifting security to the left".
Traditional security approaches are inefficient and largely ineffective for organisations using Agile, DevOps and Cloud - as illustrated by the massive amount of recent data breaches.
DevSecOps is a new approach which embeds security to each DevOps team, with automated security testing at all stages of the software development lifecycle.
Security infrastructure, policies, controls, compliance, audit and even secure operations are all coded and automated, with almost no manual processes.
This is the basis of a new course I've developed, DevSecOps Hands-on which I'll be delivering at QA's International House in London early October.
Paul Schwarzenberger is a Cloud Security Architect and DevSecOps specialist