Organizational scaling

Scaling in a company is very difficult, thus all parties in DevOps must increase the security.

Old non-DevOps structures have a ration like this

100 developers → 10 operators → 1 security specialist

Shift-left transfers the responsibility for security directly to the DevOps teams, thus DevSecOps.

Skills set needed

The right skills must be present in the DevOps team!

The benefit of this is that overall security awareness in the team increases due to the diversity in the skills

Security roles in a large-scale company are: Security Officer, Security Coach and Security Champion/Ambassador. And all they build up the Security community for the DevSecOps approach!