II. Engineering
1. Our DevSecOps
In re-imagining TCB digital channel over the next 5 years Strategy (2021 – 2025) to achieve our market cap goal. DevSecOps—the collaboration of Development (Dev), Security (Sec) and Operations (Ops) teams—is an organizational approach that enables faster development of applications and easier maintenance of existing deployments. By enabling organizations to create stronger bonds between Dev, Sec, Ops and other stakeholders in the company, DevSecOps promotes shorter, more controllable iterations through the adoption of best practices, automation and new tools. DevSecOps is not a technology per se, but it covers everything from the organization to culture, processes and tooling. Initial steps usually include Continuous integration and continuous delivery (CI/CD), real-time monitoring, incident response systems and collaboration platforms.
Our DevSecOps principles are listed below we follow devsecops manifesto:
- Leaning in over always saying “NO”
- Data & Security Science over fear, uncertainty and doubt
- Open Contribution & Collaboration over security-only requirements
- Consumable Security Services with APIs over mandated security controls & paperwork
- Business Driven Security Scores over rubber stamp security
- Red & Blue Team Exploit Testing over relying on scans & theoretical vulnerabilities
- 24x7 Proactive Security Monitoring over reacting after being informed of an incident
- Shared Threat Intelligence over keeping info to ourselves
- Compliance Operations over clipboards & checklists
2. Our Goals, Ambition & Vision
