Sonatype Selected by Equifax to Support OS Governance Press Release

blog-logo Sonatype Blog

A DevSecOps Maturity Model in 7 Words

November 04, 2018 By Derek Weeks

A few weeks ago, I delivered a lightning talk (5 minutes, 20 slides, auto-advancing every 15 seconds) at DevOps Enterprise Summit.  

The talk was inspired by a conversation I had with Navin Vembar about a DevSecOps Maturity Model his organization developed at the U.S. Government Services Administration (GSA).  While several DevSecOps maturity models exist, Navin's started with seven important words that made all of the difference.

Take 5 minutes to watch this lightning talk now to learn how and why he used the words, "Not considered viable for a DevSecOps platform":

 

 

At the end of this presentation, I offered the audience a number of links that we're tied to my out of office address there.  Because my out of office message is no longer on, I have copied all of the links you will need here:

Navin Vembar’s DevSecOps Maturity Model from the U.S. General Services Administration

Here are four additional DevSecOps maturity models:

Also, for the latest in DevSecOps blogs and event updates, I invite you to visit:

DevSecOpsDays.com

I hope Navin's insights and seven key words can help you on your DevSecOps journey.

 

 

Tags: devsecops, devsecops days, DevSecOps Maturity model, Post security/devsecops

Written by Derek Weeks

Derek serves as vice president and DevOps advocate at Sonatype and is the co-founder of All Day DevOps -- an online community of 65,000 IT professionals.