Abstract

Companies are generally hyper-focused on releasing software quickly to meet strict deadlines or to stay ahead of the competition. This results in implementing security once software is near release. Most organizations spend 6% - 15% of security budgets on data security and discovery time for 56% of data breaches can take months or even longer to identify. Applying DevSecOps best practices early, can catch and fix security problems, and train teams in what to avoid in the future. It brings better collaboration between teams, faster time to market, and improved overall productivity. AutoDSO established security baseline requirements allowing users to select metrics specific to their DevSecOps procedures. An automated DevSecOps policy document produced can be used by security analyst and given to auditors to monitor these procedures. AutoDSO provides efficient ways to document security best practices and ensure that security becomes part of continuous integration and continuous development (CI/CD) in organizations.