https://github.com/devsecops/awesome-devsecops
Leaning in over Always Saying “No” Data & Security Science over Fear, Uncertainty and Doubt Open Contribution & Collaboration over Security-Only Requirements Consumable Security Services with APIs over Mandated Security Controls & Paperwork Business Driven Security Scores over Rubber Stamp Security Red & Blue Team Exploit Testing over Relying on Scans & Theoretical Vulnerabilities 24x7 Proactive Security Monitoring over Reacting after being Informed of an Incident Shared Threat Intelligence over Keeping Info to Ourselves Compliance Operations over Clipboards & Checklists
https://www.sans.org/reading-room/whitepapers/analyst/devsecops-playbook-36792
https://cdn2.hubspot.net/hubfs/1958393/White_Papers/devsecops_how_to_seamlessly__315283.pdf
https://2017.appsec.eu/presos/DevSecOps/An%20SDLC%20for%20the%20DevSecOps%20Era%20-%20Zane%20Lackey%20-%20OWASP_AppSec-Eu_2017.pdf https://shawnwells.io/wp-content/uploads/2017-02-21-AFCEA-West-DevOps.pdf
https://s3-eu-west-1.amazonaws.com/sqreen-assets/whitepapers/Cheat-Sheet-SecDevOps-Integrating-Security-At-Devops-Speed.pdf https://s3-eu-west-1.amazonaws.com/sqreen-assets/whitepapers/Cheat-Sheet-SecDevOps-Integrating-Security-At-Devops-Speed.pdf