Get your daily dose of tech!

We Shape Your Knowledge

DevSecOps - The Darwin effect

Kirey Group


    To define a strategy for DevSecOps adoption, it is necessary the constitution of a common soul, declined in a team/technology center with cross skills for all areas of action of the model.

    By Enrico Frescura, Head of Data Security Area at Kirey Group

    The global DevSecOps market is trending positively, although current datatell this approach is still niche.

    Both large and small companies recognize the benefits, but when faced with it the main question is: "DevOps is useful, but how can we implement it?

    The situation becomes even more complex when we add the Security component, felt by companies as an increasingly strong need, today more than ever.

    Go to the news

    DevSecOps: a mission really impossibile?

    Until recently, the main operational areas within an ICT infrastructure were typically 3, managed in vertical silos:
    • R&D: a mix of architectures where application and infrastructure projects were defined, overseeing the company ICT strategy;
    • INFRASTRUCTURE: operational area for infrastructure management, from network to middleware;
    • SECURITY: structure responsible for cancelling or mitigating ICT risk.
    These areas were almost independent of each other, each with its own priorities and budget, which made the approach to DevSecOps more complex.

    SecDevOps model

    Analysts have found a possible solution, also supported by the market. This requires an evolution: the constitution of a common soul, declined in a team/technology center with cross skills for all areas of action of the model. The main task of these teams is to dictate the DevSecOps strategy of adoption and evolution, supporting both the design and the operational phases.


    Synergy and overview with the "champions"

    To ensure enough effort and know-how, the team often chooses some "champions", who can interoperate with each other, vertically covering all areas of the model. Each architect will not have a training and knowledge on every topic, so it will be crucial to create a team capable of confronting and that can overcome the barriers between the various fields of action and building a synergy and an overall vision.

    The main tasks are:
    • continuous research of the best technologies, constantly updated with respect to the market offer;
      search for orchestration without technological constraints (avoid vendor lock-in on both technologies and cloud providers);
    • definition of design procedures and processes, respecting agile frameworks and always considering security-by-design and by-default, ensuring their adoption;
    • continuous training on internal frameworks, technologies and implementation processes;
    • support to the various vertical structures, owners of the various processes and technologies.


    The new approach of Kirey Group

    To cover all Customers'needs in the DevSecOps area, Kirey Group anticipated the market needs, by creating an offer stream in 2019 that replicates the same organizational strategy and strategic setting, ensuring a common vision.

    cross team new


    Kirey Group took the best from its Development, Operations and Security areas, creating a cross-functional team of specialists such as BDM, Architect and Delivery, able to implement the DevSecOps in all its phases, ensuring an overall "harmony".

    New call-to-action

    Related posts:

    Green IT, when sustainability comes to code

    Technology plays a key role in the energy transition of energy-intensive industries and manufacturin...

    IT process automation: a real application case

    How IT process automation simplifies infrastructure management. The project Kirey Group is carrying ...

    Digital Integration Hub, how does Fast Data change...

    By Valerio Mottin, Solution Development Manager – Digital Solutions Area di Kirey Group