DevSecOps

The article examines the relevance of integrating source code analysis tools, specifically Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST), into modern secure software development processes based on the innovative DevSecOps methodology. A review of scientific approaches and current practices for integrating security tools into CI/CD pipelines is provided, analyzing the advantages and limitations of SAST and DAST, as well as outlining trends in the development of combined security methods.

The article investigates the integration of information security into Agile software development processes, focusing on the adaptation of DevSecOps methods. The goal was to enhance the implementation of security practices by reducing vulnerability detection time, simplifying the integration of security into the development cycle, and improving team collaboration. The analysis revealed that automation of security testing reduces vulnerability detection time by 40%, while cross-functional teams improve collaboration by 30%.