Dealing with Security in a Real DevOps Environment.

Security is a hot topic in several domains especially in critical infrastructures such as the national health systems. Security practices, methods and tools enhance the resulting final products and services offered to citizens. There is no consensus on how security measures must be included within the DevOps pipeline. This paper provides a DevOps approach for managing security measures along the DevOps pipeline. This approach is based on source code analysis at the integration phase, and it is an initial step for injecting security along the DevOps process. This approach has been developed for a real scenario related to the health sector.