What tools do you rely on for building a DevSecOps pipeline?

What are the different types of tools that should be used together in DevSecOps?

What are the specific tools that you like to use when working on your DevSecOps pipeline? 

What is essential, and what is a nice-to-have? 

22 Answers

author avatar

Depends on budget and the larger approach to security, compliance, and risk. There are many solutions and approaches out there but many limit the ability to scale DevSecOps beyond an experiment and justify to business leaders. Standard response: SCA, SAST, DAST, IAST. Many of these tools are disconnected and some slow down performance quit a bit, especially your traditional household names. What are your goals and what are your constraints to developing a program?

author avatar

Hi we think that is essential a tool for applying static analysis technologies for Code Quality and Security

Find out what your peers are saying about Veracode, Checkmarx, PortSwigger and others in Application Security Testing (AST). Updated: November 2020.
448,542 professionals have used our research since 2012.