lnu.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Security Tools in DevSecOps: A Systematic Literature Review
Linnaeus University, Faculty of Technology, Department of computer science and media technology (CM).
Linnaeus University, Faculty of Technology, Department of computer science and media technology (CM).
2022 (English)Independent thesis Basic level (degree of Bachelor), 10 credits / 15 HE creditsStudent thesisAlternative title
Säkerhetsverktyg i DevSecOps : En systematisk litteraturöversikt (Swedish)
Abstract [en]

DevSecOps emerged to mitigate the challenges of integrating security into DevOps. DevOps have grown tremendously, leading to difficulties in integrating security tools in its development process while maintaining speed and agility. This study aims to investigate the security tools in DevSecOps and how they have been reported in previous literature. The main objective of this study is to provide a knowledge base concerning security tools in DevSecOps that can be used to mitigate challenges regarding the selection and use of security tools in the context of DevSecOps. A systematic literature review was adopted for the research. The study collected a total of  228 studies published between 2015 and 2022; fourteen of these papers were selected to be used for data extraction after conducting a thorough review protocol.

This study has identified thirteen security tool categories used or recommended to be used in DevSecOps. These tools have been structured into seven phases of the development process and five security practices. Additionally, this study has identified twelve drawbacks and sixteen recommendations concerning the use of these security tools in DevSecOps. 

The security tools categories, recommendations, and drawbacks identified in this study could potentially be used to facilitate the challenges of selecting and using security tools in DevSecOps and similar methodologies that rely on automation and delivering software frequently. 

Place, publisher, year, edition, pages
2022. , p. 59
Keywords [en]
DevSecOps, DevOps, Security Tools, SDLC phases, Shift Security to the Left, Continuous Security, Automation, Systematic Literature Review
Keywords [sv]
DevSecOps, DevOps, Säkerhetsverktyg, SDLC-faser, Skift säkerhet till vänster, Kontinuerlig säkerhet, Automation, Systematisk litteraturgranskning
National Category
Other Engineering and Technologies not elsewhere specified
Identifiers
URN: urn:nbn:se:lnu:diva-118400OAI: oai:DiVA.org:lnu-118400DiVA, id: diva2:1727554
Subject / course
Computer Science; Computer Science
Educational program
Software Development and Operations, 180 credits; Software Engineering Programme, 180 credits
Presentation
2022-09-09, 09:45 (Swedish)
Supervisors
Examiners
Available from: 2023-01-16 Created: 2023-01-16 Last updated: 2023-01-16Bibliographically approved

Open Access in DiVA

fulltext(1141 kB)1235 downloads
File information
File name FULLTEXT01.pdfFile size 1141 kBChecksum SHA-512
81199a529e919624f660f2e5e87eb86257a62552eb3208cdb4d6e5a5a90b4e72975c8729bca578952f7a46020014a58531291603d1fd21673d5d201001102b0b
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Martelleur, JoelHamza, Amina
By organisation
Department of computer science and media technology (CM)
Other Engineering and Technologies not elsewhere specified

Search outside of DiVA

GoogleGoogle Scholar
Total: 1235 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 1589 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf