The Red Hat Shares newsletter helps IT leaders navigate the complicated world of IT―the open source way.



DevSecOps: Security from the start

All organizations are susceptible to information security threats―from cybercrime, which was predicted to cost the world US$6 trillion in 2021, to human error, which accounts for 95% of cybersecurity breaches.

No matter the type of threat, your organization needs to protect itself by maintaining security controls across its stack. That’s where DevSecOps comes in. Security shouldn’t be an afterthought. DevSecOps means thinking about application and infrastructure security from the start, building it into every phase of the life cycle and stack―especially now that workloads are spread across environments.

The good news: 74% of organizations that responded to our 2021 “Kubernetes adoption, security, and market trends” survey have a DevSecOps initiative in place, and 25% have an advanced initiative, integrating and automating security throughout the life cycle.

If you haven’t implemented a DevSecOps plan―or if you’re looking for guidance―this is the Red Hat Shares issue for you. Learn how to adopt DevSecOps, its stages of maturity, why your DevSecOps initiative may be falling short, and more. 

Want to start with the basics? Check out this article:

 How to adopt DevSecOps successfully

Applying existing security processes to DevOps can delay projects, cause frustrations within your team, and create financial impacts that can derail a project. DevSecOps was designed to avoid this situation.

You may also be interested in “5 DevSecOps open source projects to know

The 4 stages of DevSecOps maturity

Using this simple DevSecOps maturity model, enterprise architects can gauge how far their companies have come and how far they have to go on the DevSecOps path.


Kubernetes adoption, security, and market trends report

The semiannual edition of our report uncovers new findings about how companies are implementing DevSecOps initiatives to protect their cloud-native environments.


of respondents have had to delay an application

rollout because of security concerns.


of organizations have a DevSecOps initiative

in place.


You call that DevSecOps? Why your DevSecOps practice may be falling short.

Most things that are being called DevSecOps today are parts but not a complete solution.

Keys to better container and Kubernetes security with DevSecOps practices

As the move to cloud-native applications and services has accelerated, concerns about better securing these new apps and the underlying Kubernetes infrastructure have also grown. Learn how to adapt security best practices for cloud-native environments.

Technically Speaking: DevSecOps Decoded

In this episode of our video series, join Red Hat CTO Chris Wright and Isovalent Chief Open Source Officer Liz Rice for a discussion of DevSecOps best practices, technologies like automation, and things like runtime security and eBPF functionality.


imageCracking the Textbook―an Open Source Stories film

The high cost of course materials is a barrier to access and success in higher education. There’s a growing movement to bring open source alternatives to campus―and it’s working.


Compiler Compiler is now live

Check out our new podcast about a variety of tech topics―some big, others small, and a few strange―including open source, hackathons, DevOps, hiring, and so much more.


Did you miss our June issue on Kubernetes in depth? Check it out.

About the author

The Red Hat Shares team comprises content strategists who work with lots of smart subject matter experts. Together, we curate content on emerging tech topics your enterprise needs to learn about to stay competitive.

Read full bio