The DevSecOps Manifesto
We have agreed and hold these ideals as our own:
We strive to do the right thing at the right time. And the wrong ones too.
We want to improve: our work, our customer satisfaction and indeed our lives.
We live by the ideal of: work smarter and not harder
We are collectively responsible for our success. Which means we are collectively responsible for everything.
We do not need unanimity to have an agreement. We seek a consensus, but not at all costs.
It is better to make steady slow progress than being late for the sake of perfection.
_____________________________________________
There is no point in blame for failure. Failure is expected and it is part of the process.
We put safeguards that so that each step taken is a step forward. Measured and secured.
We agree that we must find an or some objective metrics to measure our success.
The determination of these measures will be ours but also accepted by our customers or representatives.
We think that transparency and visibility of our progress, are necessary allies.
_____________________________________________
We are slave to constraints and cannot and will not encourage bottlenecks
We try to understand our coworkers as best we can, roles, ambitions, expertise and all.
We design our work and processes to avoid single points of failure.
We believe that security is quality and there is no quality without security.
We accept that security is everybody's responsibility as we are responsible for everything.
_____________________________________________
This is our guide, this is our convention. If these ideals change it will be because we agree.