--- title: "The path to devsecops in 6 steps" page_name: "The Path to DevSecOps in 6 Steps" type: "blog" slug: "devsecops-6-steps" published_at: "2017-10-26" modified_at: "2025-05-09" url: "https://www.sumologic.com/blog/devsecops-6-steps" canonical: "https://www.sumologic.com/blog/devsecops-6-steps" markdown_url: "https://www.sumologic.com/blog/devsecops-6-steps.md" lang: "en" excerpt: "George Gerchow outlines six steps you can take to get on the path to DevSecOps. Think code analysis, change management, compliance monitoring and more." taxonomy_blog_category: - "Compliance" - "DevOps & IT Operations" - "SecOps & Security" --- [ All blogs ](https://www.sumologic.com/blog "blog")[Compliance](https://www.sumologic.com/blog/compliance), [DevOps & IT Operations](https://www.sumologic.com/blog/devops-it-operations), [SecOps & Security](https://www.sumologic.com/blog/secops-security) # The Path to DevSecOps in 6 Steps [Melissa Beck](#blog-author-block-218) October 26, 2017 1 min read [Compliance](https://www.sumologic.com/blog/compliance), [DevOps & IT Operations](https://www.sumologic.com/blog/devops-it-operations), [SecOps & Security](https://www.sumologic.com/blog/secops-security) ##### Table of contents DevSecOps has been a hot topic among security professionals. According to [DevSecOps.com](http://www.devsecops.org/blog/2015/2/15/what-is-devsecops), the purpose and intent of DevSecOps is “to build on the mindset that everyone is responsible for security with the goal of safely distributing security decisions at speed and scale to those who hold the highest level of context without sacrificing the safety required.” But the road to DevSecOps isn’t necessarily easy. Sumo Logic’s VP of Security and Compliance George Gerchow outlines six steps you can take to get on the path to DevSecOps. Think code analysis, change management, compliance monitoring and more. ### Article Tags - [Compliance](https://www.sumologic.com/blog/compliance) - [DevOps & IT Operations](https://www.sumologic.com/blog/devops-it-operations) - [SecOps & Security](https://www.sumologic.com/blog/secops-security) Melissa Beck VP, Corporate Marketing Melissa is a strategic communications professional with 20+ years of experience developing and scaling global communications and influencer programs. Currently, she leads global communications for Sumo Logic focusing on corporate thought leadership, customer advocacy, employee communications and social media. In addition, she runs Sumo Logic’s Customer Advisory Board. [](https://www.sumologic.com/feed "RSS Feed")[](https://twitter.com/intent/tweet?text=The%20Path%20to%20DevSecOps%20in%206%20Steps&url=https%3A%2F%2Fwww.sumologic.com%2Fblog%2Fdevsecops-6-steps "X")[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.sumologic.com%2Fblog%2Fdevsecops-6-steps "Facebook")[](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fwww.sumologic.com%2Fblog%2Fdevsecops-6-steps "Linkedin") [Previous blog AWS Security Best Practices: Log Management](https://www.sumologic.com/blog/aws-security-best-practices-log-management)[Next blog Monitor DynamoDB with Sumo Logic](https://www.sumologic.com/blog/monitoring-dynamodb) People who read this also enjoyed [ Sumo Logic AWS Region European Sovereign Cloud is now generally available June 2, 2026 ](https://www.sumologic.com/blog/sumo-logic-aws-region-european-sovereign-cloud-generally-available)[ Rethinking data governance and global compliance February 18, 2026 ](https://www.sumologic.com/blog/rethinking-data-governance-global-compliance)[ NIS2: Prepping your cybersecurity plan December 19, 2023 ](https://www.sumologic.com/blog/nis2-prepping-your-cybersecurity-plan)[ Cyber attackers hit the jackpot: learn why casinos aren’t the only ones vulnerable September 19, 2023 ](https://www.sumologic.com/blog/cyber-attackers-jackpot-vulnerabilities) [AI Instructions](https://www.sumologic.com/ai-instructions.md)