How to seamlessly integrate security into DevOps

Published November 2016

Information security architects must integrate security at multiple points into DevOps workflows in a collaborative way that is largely transparent to developers and that preserves the teamwork, agility and speed of DevOps and agile development environments, delivering "DevSecOps".

In 2012, Gartner introduced the concept of DevSecOps to the market, identifying the need for information security professionals to become actively involved in DevOps initiatives and to remain true to the spirit of DevOps, embracing its philosophy of teamwork, coordination, agility and shared responsibility. Back then DevOps was relatively new; however, recent Gartner research indicates that 38% of enterprises are now using DevOps. In the same survey, security and audit tools represented the single highest-rated category of tools in terms of importance to an effective and efficient DevOps implementation, and 82% of respondents indicated that they had to deal with one or more regulations in their DevOps initiatives. The good news is that DevOps teams understand that security and compliance are necessary. Now is the time for security architects to engage these teams and apply the best practices identified in this research.