LibGuides: U.S. Naval Observatory Resources: DevSecOps Resources

Journals

Communications of the ACM ISSN:0001-0782 | eISSN:1557-7317 ACM's flagship magazine, Communications of the ACM, is the premier chronicler of computing technologies, covering the latest discoveries, innovations, and research that inspire and influence the field. Each month, Communications brings readers in-depth stories of emerging areas of computer science, new trends in IT, and practical research applications. Industry leaders choose Communications to debate technology implications, public policies, engineering challenges, and market trends.
Computers & Security ISSN: 0167-4048 Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world.
IEEE Security and Privacy ISSN: 1540-7993 The primary objective of IEEE Security & Privacy is to stimulate and track advances in information assurance and security and present these advances in a form that can be useful to a broad cross-section of the professional community-ranging from academic researchers to industry practitioners. It is intended to serve a broad readership. IEEE Security & Privacy is envisioned to provide a unique combination of research articles, case studies, tutorials, and regular departments covering diverse aspects of information assurance such as legal and ethical issues, privacy concerns, tools to help secure information, analysis of vulnerabilities and attacks, trends and new developments, pedagogical and curricular issues in educating the next generation of security professionals, secure operating systems and applications, security issues in wireless networks, design and test strategies for secure and survivable systems, and cryptology.
Information and Software Technology ISSN: 0950-5849 Information and Software Technology is the international archival journal focusing on research and experience that contributes to the improvement of software development practices. The journal's scope includes methods and techniques to better engineer software and manage its development. Articles submitted for review should have a clear component of software engineering or address ways to improve the engineering and management of software development
International Journal of Information Technologies and Systems Approach ISSN: 1935-570X | eSSN: 1935-5718 The International Journal of Information Technologies and Systems Approach (IJITSA) is a refereed global journal where a systemic interdisciplinary and/or a multi-methodology perspective of information systems, software engineering, and systems engineering are encouraged. The articles accepted in IJITSA address relevant and contemporaneous or recurrent and unsolved classic problems, opportunities, challenges, and solutions found in IT systems. The journal pursues a better understanding and development of the three addressed disciplines from an interdisciplinary and/or multi-methodology perspective focused on the construct IT system.
International Journal of Systems and Software Security and Protection ISSN: 2640-4265 | eISSN: 2640-4273 The International Journal of Systems and Software Security and Protection (IJSSSP) publishes original research on the security concerns that arise with systems and software. IJSSSP promotes the idea of developing security-aware software systems from the ground up. This journal examines the software security from a software engineering perspective and addresses technical, as well as managerial aspects of secure software engineering. IJSSSP includes all aspects of systems and software security in the development, deployment, and management processes of software systems.
Journal of Information System Security *Available By Request The Journal of Information System Security (JISSec) is a scholarly publication and an outlet for research in information system security
Journal of Systemics, Cybernetics and Informatics ISSN: 1690-4524 | eISSN: 1690-4532 The Journal on Systemics, Cybernetics and Informatics: JSCI (ISSN: 1690-4524), is a peer-reviewed open-access international publication in the areas of Systems Philosophy, System Sciences and Engineering (Systemics), Communication and Control concepts, systems and technologies (Cybernetics,) and Information Systems and Technologies (Informatics), as well as on, and especially on, the relationships among these areas and their applications.

Databases

Association for Computing Machinery (ACM) Digital Library The Association for Computing Machinery (ACM) is an international learned society for computing, and it is the world's largest scientific and education computing society. This digital library offers full text of every article published by ACM and bibliographic citations from major publishers related to computing.
Defense Technical Information Center (DTIC) Defense Technical Information Center serves the DoD community as the largest central resource for government-funded scientific, technical, engineering, and business related information available. Access Controlled site requires registering your CAC
Defense Technical Information Center (DTIC) Controlled Site (DoD and DoD Contractors Only) DTIC Online Access Controlled is the DTIC gateway to an enhanced collection of Department of Defense (DoD) unclassified, controlled information. This includes science and technology (S&T) and research and engineering (R&E) resources.
IEEE Xplore Digital Library Includes access to the full text of IEEE content published since 1988 with select content published since 1893 from: IEEE journals, transactions, and magazines, including early access documents, IEEE conference proceedings, IET journals, IET conference proceedings, IEEE published standards, and the IEEE Standards Dictionary Online. Also includes access to AbstractPlus records and select full text published since 2005 from VDE VERLAG conference.
ScienceDirect Explore scientific, technical, and medical research on ScienceDirect. Search for peer-reviewed journals, articles, book chapters and open access content.
Scopus Scopus is the world’s largest abstract and citation database of peer-reviewed literature, including scientific journals, books and conference proceedings, covering research topics across all scientific and technical disciplines, ranging from medicine and social sciences to arts and humanities.

Websites

10 Books Every DevSecOps Enthusiast Must Read We at Practical DevSecOps are big fans of books, more so when the topic is DevSecOps. We get at least a few queries every week asking guidance on how to get started in DevSecOps, this blog post will answer exactly that. Following are some of our favorite books on DevSecOps, which are both practical and insightful.
Black Pearl We are NOT a software factory, we are a software practice. It means that we build your workforce by engaging your team from platform to development, from greenfield to refactor. We as seasoned DevSecOps practitioners and agilists are here to share our experiences, thoughts, and expertise with your team to move the Naval enterprise’s technology forward towards a more lethal Navy.
DoN Joint Memo: Department of the Navy DevSecOps Task Force This memo details the implementation of Development, Security, and Operations (DevSecOps/DSO) in pursuit of modern software development and delivery, which is critical to accelerating capability to the fleet and improving the security of our information.
GSA Tech Guides: DevSecOps These guides are a collection of best practices that the GSA CTO team strives to follow. They include high-level strategy documents, practical project management approaches, and technology approaches based on the GSA CTO vision.
GSA Tech Guides: Understanding the Differences Between Agile & DevSecOps - from a Business Perspective In GSA IT, we examine how Agile and DevSecOps address different aspects of the delivery process. In terms of software development, Agile improves the process of delivery; encouraging changes in the functions and practices of the Business and Development teams to better produce the project / product envisioned by the end-user, or customer. DevSecOps improves the lead time and frequency of delivery outcomes through enhanced engineering practices; promoting a more cohesive collaboration between Development, Security, and Operations teams as they work towards continuous integration and delivery.

Books and eBooks

Building A Modern Security Program by Zane Lackey, Rebecca Huehls
Call Number: Digital Copy Available from O'Reilly Learning (formerly Safari)
ISBN: 9781491956311
Publication Date: 2018
DevOpsSec by Jim Bird How do you build security and compliance into your DevOps platforms and pipelines? With this O’Reilly report, security analysts, security engineers, and pen testers will learn how to leverage the same processes and tools—such as version control, containers, and Continuous Delivery—that DevOps practitioners use to automate software delivery and infrastructure changes. In other words, you’ll understand how to use DevOps to secure DevOps.
Call Number: Digital Copy Available from O'Reilly Learning (formerly Safari)
ISBN: 9781491958995
Publication Date: 2016
The DevSecOps Playbook by Sean D. Mack In The DevSecOps Playbook: Deliver Continuous Security at Speed, Wiley CISO and CIO Sean D. Mack delivers an expert analysis of how to keep your business secure, relying on the classic triad of people, process, and technology to examine—in depth—every component of DevSecOps. In the book, you'll learn why DevSecOps is as much about people and collaboration as it is about technology and how it impacts every part of our cybersecurity systems.
Call Number: Digital Copy Available from O'Reilly Learning (formerly Safari)
ISBN: 9781394169795
Publication Date: 2023-11-07
Evolving Technologies for Computing, Communication and Smart World: Proceedings of ETCCS 2020 by Pradeep Kumar SinghArti NoorMaheshkumar H. KolekarSudeep TanwarRaj K. BhatnagarShaweta Khanna This book presents best selected papers presented at the International Conference on Evolving Technologies for Computing, Communication and Smart World (ETCCS 2020) held on 31 January–1 February 2020 at C-DAC, Noida, India. It is co-organized by Southern Federal University, Russia; University of Jan Wyżykowski (UJW), Polkowice, Poland; and CSI, India. C-DAC, Noida received funding from MietY during the event. The technical services are supported through EasyChair, Turnitin, MailChimp and IAC Education. The book includes current research works in the areas of network and computing technologies, wireless networks and Internet of things (IoT), futuristic computing technologies, communication technologies, security and privacy.
ISBN: 9789811578045
Publication Date: 2021
Implementing DevSecOps Practices by Vandana Verma Sehgal Get to grips with application security, secure coding, and DevSecOps practices to implement in your development pipeline. By the end of this book, you’ll know how to apply application security, safe coding, and DevSecOps practices in your development pipeline to create robust security protocols.
Call Number: Digital Copy Available from O'Reilly Learning (formerly Safari)
ISBN: 9781803231495
Publication Date: 2023-12-22
Innovative Data Communication Technologies and Application: Proceedings of ICIDCA 2020 by Jennifer S. Raj, Abdullah M. Iliyasu, Robert Bestak, Zubair A. Baig This book presents the latest research in the fields of computational intelligence, ubiquitous computing models, communication intelligence, communication security, machine learning, informatics, mobile computing, cloud computing and big data analytics. The best selected papers, presented at the International Conference on Innovative Data Communication Technologies and Application (ICIDCA 2020), are included in the book. The book focuses on the theory, design, analysis, implementation and applications of distributed systems and networks.
ISBN: 9789811596513
Publication Date: 2021
Learning DevSecOps by Steve Suehring How can organizations integrate security while continuously deploying new features? How can some maintain 24-7-365 operations at internet scale? How do they integrate security into their DevOps organization? This practical guide helps you answer those questions and more. Author Steve Suehring provides unique content to help practitioners and leadership successfully implement DevOps and DevSecOps. Learning DevSecOps places an emphasis on prerequisites for success before looking at best practices, and then takes you through some of the tools and software used by successful DevSecOps-enabled organizations. You'll learn how DevOps and DevSecOps can eliminate the walls that exist between development, operations, and security so that you can tackle the needs of other teams early in the development lifecycle.
Call Number: Digital Copy Available from O'Reilly Learning (formerly Safari)
ISBN: 9781098144869
Publication Date: 2024-07-30
The Phoenix Project by Gene Kim; Kevin Behr; George Spafford The company's new IT initiative, code named Phoenix Project, is critical to the future of Parts Unlimited, but the project is massively over budget and very late. The CEO wants Bill to report directly to him and fix the mess in ninety days or else Bill's entire department will be outsourced. With the help of a prospective board member and his mysterious philosophy of The Three Ways, Bill starts to see that IT work has more in common with manufacturing plant work than he ever imagined. With the clock ticking, Bill must organize work flow, streamline interdepartmental communications, and effectively serve the other business functions at Parts Unlimited. In a fast-paced and entertaining style, three luminaries of the DevOps movement deliver a story that anyone who works in IT will recognize. Readers will not only learn how to improve their own IT organizations, they'll never view IT the same way again.
Call Number: Digital Copy Available from O'Reilly Learning (formerly Safari)
ISBN: 9781457191350
Publication Date: 2013-01-10

Questions? Contact Us

Research Commons Staff

Email Me

U.S. Naval Observatory Resources: DevSecOps Resources

Journals

Databases

Websites

Books and eBooks

Trending Articles

Questions? Contact Us

Related Guides