Modern software leaders are all too familiar with the concept of moving the goalpost. The business demands they deliver new features faster, and when they do, the feature must then be compatible across platforms.

These days, the goalpost has moved again: Now the business wants quality software quickly –and they want it to be free of critical vulnerabilities, compliant with data privacy laws, and easily adaptable to new requirements the business demands in response to the market.

DevSecOps was born to keep up with these requirements. The goal of DevSecOps is to unite software development, operation, and security into a collaborative system where all stakeholders work together to proactively address security issues before software is developed and through its deployment.

Getting there is, of course, easier said than done. The four principles outlined below are drawn from the direct experience of putting these ideas into practice.