Paper Type
Complete
Abstract
Persistent security challenges plague DevOps teams due to a deficiency in expertise regarding security tools and methods, as evidenced by frequent security incidents. Existing maturity models fail to adequately address the specific needs of DevOps teams. In response, this paper proposes "Security Belts," a novel maturity model inspired by martial arts ranking systems. This model aims to assist DevOps teams in enhancing their security capabilities by providing a structured approach, starting with fundamental activities and progressing to more advanced techniques. Drawing from the experiences of monitoring 21 teams, the paper presents lessons learned and offers actionable advice for refining maturity models tailored to software quality improvement.
Paper Number
1363
Recommended Citation
Taaibi, Samira; Dziwok, Stefan; Hermerschmidt, Lars; Koch, Thorsten; Merschjohann, Sven; and Vollmary, Mark, "Security Belts: A Maturity Model for DevOps Teams to Increase the Software Security of their Product - An Experience Report" (2024). AMCIS 2024 Proceedings. 13.
https://aisel.aisnet.org/amcis2024/security/security/13
Security Belts: A Maturity Model for DevOps Teams to Increase the Software Security of their Product - An Experience Report
Comments
SIGSEC