The shift from DevOps and security to DevSecOps: 5 key roadblocks>
Tech Beacon – Kirsten Newcomer
1) Zero trust 2) Automation 3) Attestation and digital signing 4) Vulnerability/risk assessment 5) Corporate culture With the rise in malicious activity alongside the increase in remote work and vulnerabilities in the supply chain, your organization needs to look beyond whatâs always worked to what will work best now.

Best is the operative word, because what works best is different from what works perfectly. So build your DevSevOps platform with the understanding that nothing and no one is completely safe (zero trust), that many parts of the software supply chain are now outside of your control (attestation and digital signing), and that itâs almost certain that your business will get hit with some form of malicious attack (vulnerability/risk assessment). If you can wrap automation and a security-minded company culture around solutions based on these realities, you will be well positioned to move from DevOps plus security to true DevSecOps.
Link: https://techbeacon.com/security/shift-devops-security-devsecops-5-key-roadblocks