.. rst-class:: cover-top
---------
.. raw:: html
Secure Software Development, Security, and Operations (DevSecOps) Practices
=============================================================================
Secure Software Development, Security, and Operations (DevSecOps) Practices
=============================================================================
.. container:: cover
|
|
February 2026
|
|
This publication is available free of charge from https://www.nccoe.nist.gov/projects/secure-software-development-security-and-operations-devsecops-practices
|
|nccoenistlogos|
|
|
.. container:: cover-author-grid-3
.. container:: cover-author-block
| **Alper Kerman**
| **Michael Ogata**
| National Institute of Standards and Technology
| **Parisa Grayeli**
| **Phillip Millwee**
| **Deanna Stanley**
| **Allen Tan**
| The MITRE Corporation
| **William Barker**
| Dakota Consulting
| **Sudan Ayanam**
| **Stefano Righi**
| AMI
| **Chrissa Constantine**
| **Tim Mackey**
| Black Duck
| **Rahul Dubey**
| **James Imanian**
| CyberArk
.. container:: cover-author-block
| **Daniel Carroll**
| **Daniel Jackson**
| Dell Technologies
| **Dean Coclin**
| **Dave Roche**
| DigiCert
| **Tom Gleason**
| **Shruti Sundaresh**
| Endor Labs
| **Paul Pickhardt**
| **MaryGrace Wajda**
| GitLab
| **Isaac Hepworth**
| **Brandon Lum**
| Google
| **Philippe Mulet**
| **Ritchie Schacher**
| IBM
.. container:: cover-author-block
| **Tal De La Rosa**
| **Segu Riluvan**
| **Mark Svancarek**
| Microsoft
| **Tony Berning**
| **Keng Lim**
| **Sameer Shukla**
| NextLabs
| **Chima Onukwuru**
| **Neil Roxburgh**
| Palo Alto Networks
| **Jose Palazon**
| **Michael Smith**
| Sagittal AI
| **Daniel Nebenzahl**
| **Nir Peleg**
| Scribe Security
|
|
|
National Institute of Standards and Technology
|
.. |nccoenistlogos| image:: /_static/img/nccoe-logo.svg