Home
World Journal of Advanced Research and Reviews
International Journal with High Impact Factor for fast publication of Research and Review articles

Main navigation

  • Home
    • Journal Information
    • Editorial Board Members
    • Reviewer Panel
    • Abstracting and Indexing
    • Journal Policies
    • Our CrossMark Policy
    • Publication Ethics
    • Issue in Progress
    • Current Issue
    • Past Issues
    • Instructions for Authors
    • Article processing fee
    • Track Manuscript Status
    • Get Publication Certificate
    • Join Editorial Board
    • Join Reviewer Panel
  • Contact us
  • Downloads

eISSN: 2581-9615 || CODEN: WJARAI || Impact Factor 8.2 ||  CrossRef DOI

Research and review articles are invited for publication in April 2026 (Volume 30, Issue 1) Submit manuscript

Enterprise DevSecOps: Integrating security into CI/CD pipelines for regulated industries

Breadcrumb

  • Home
  • Enterprise DevSecOps: Integrating security into CI/CD pipelines for regulated industries

ADEDAMOLA ABIODUN SOLANKE *

Dallas Baptist University,
Business Administration and Management, Dallas, Texas, USA.
 
Review Article
World Journal of Advanced Research and Reviews, 2022, 13(02), 633-648
Article DOI: 10.30574/wjarr.2022.13.2.0121
DOI url: https://doi.org/10.30574/wjarr.2022.13.2.0121
 
Received on 30 December 2021; revised on 20 February 2022; accepted on 25 February 2022
 
As organizations considered upscaling their DevOps adoption for speedy software delivery, it became imperative to integrate security into the CI/CD pipeline. The urgency of this practice cannot be overstated. Security should be embraced at every stage of the software development life cycle if only to meet compliance requirements in its strictest sense, especially where such requirements apply in industries like healthcare, finance, and government. DevSecOps turns the whole perspective toward incorporating security from Day 1 of the development cycle; that is, security is integrated and thus is never separated from or considered only toward the end.
The paper introduces DevSecOps and looks into some security problems organizations face when integrating security into their CI/CD workflows. Proactive security strategies, such as threat modeling (a process of identifying potential threats to a system and the likelihood of those threats being realized), automated security testing (using tools to automatically test for security vulnerabilities), and real-time monitoring (continuously monitoring systems for security threats), will contribute to the early identification and fixation of vulnerabilities during the software development lifecycle. It further focuses on architectural patterns that effectively integrate security into the nature of things without compromising the speed and agility of DevOps practices compared to governance frameworks that need to be matched against clearly articulated security policies, which are nevertheless to remain agile to permit operational freedom.
By automation, policy-as-code, and continuous compliance monitoring, organizations can impose their security requirements with a fair level of assurance against risks, even within regulated settings. The paper further outlines best practices for security implementation in DevOps pipelines that target common goals towards speed, security, and compliance. As the modernization process within software development lifecycles deepens further, DevSecOps is poised to become a major pillar within the construction of secure, resilient, and regulatory-compliant applications, instilling a sense of optimism about the future of secure software development.
 
Enterprise DevSecOps; Regulated industries; Security automation; Compliance-as-code; Zero Trust security.
 
https://wjarr.com/sites/default/files/fulltext_pdf/WJARR-2022-0121.pdf

Preview Article PDF

ADEDAMOLA ABIODUN SOLANKE. Enterprise DevSecOps: Integrating security into CI/CD pipelines for regulated industries. World Journal of Advanced Research and Reviews, 2022, 13(2), 633-648. Article DOI: https://doi.org/10.30574/wjarr.2022.13.2.0121

Copyright © Author(s). All rights reserved. This article is published under the terms of the Creative Commons Attribution 4.0 International License (CC BY 4.0), which permits use, sharing, adaptation, distribution, and reproduction in any medium or format, as long as appropriate credit is given to the original author(s) and source, a link to the license is provided, and any changes made are indicated.

All statements, opinions, and data contained in this publication are solely those of the individual author(s) and contributor(s). The journal, editors, reviewers, and publisher disclaim any responsibility or liability for the content, including accuracy, completeness, or any consequences arising from its use.

Get Certificates

Get Publication Certificate

Download LoA

Check Corssref DOI details

Issue details

Issue Cover Page

Editorial Board

Table of content

Copyright © 2026 World Journal of Advanced Research and Reviews - All rights reserved

Developed & Designed by VS Infosolution