{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,11]],"date-time":"2026-04-11T05:49:13Z","timestamp":1775886553105,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":54,"publisher":"ACM","content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,10,24]]},"DOI":"10.1145\/3779657.3779664","type":"proceedings-article","created":{"date-parts":[[2026,4,11]],"date-time":"2026-04-11T05:12:49Z","timestamp":1775884369000},"page":"42-47","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Implementing DevSecOps: A Systematic Literature Review on Integrating Security into DevOps"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0009-7340-4333","authenticated-orcid":false,"given":"Jenny Ann","family":"Guyong","sequence":"first","affiliation":[{"name":"University of the Cordilleras, College of Information Technology and Computer Science, Baguio City, Philippines"}]},{"ORCID":"https:\/\/orcid.org\/0009-0009-0691-7577","authenticated-orcid":false,"given":"Rjanna Miki","family":"Balaybay","sequence":"additional","affiliation":[{"name":"University of the Cordilleras, College of Information Technology and Computer Science, Baguio City, Philippines"}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-2003-9818","authenticated-orcid":false,"given":"Justine Mae","family":"Macario","sequence":"additional","affiliation":[{"name":"University of the Cordilleras, College of Information Technology and Computer Science, Baguio City, Philippines"}]},{"ORCID":"https:\/\/orcid.org\/0009-0009-1062-1373","authenticated-orcid":false,"given":"Efraim Jededia","family":"Pangan","sequence":"additional","affiliation":[{"name":"University of the Cordilleras, College of Information Technology and Computer Science, Baguio City, Philippines"}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-1713-4953","authenticated-orcid":false,"given":"Jhun Russel","family":"Clemente","sequence":"additional","affiliation":[{"name":"University of the Cordilleras, College of Information Technology and Computer Science, Baguio City, Philippines"}]}],"member":"320","published-online":{"date-parts":[[2026,4,10]]},"reference":[{"key":"e_1_3_3_1_1_2","doi-asserted-by":"publisher","DOI":"10.1109\/eurospw61312.2024.00074"},{"key":"e_1_3_3_1_2_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2024.112063"},{"key":"e_1_3_3_1_3_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2021.106700"},{"key":"e_1_3_3_1_4_2","volume-title":"Khandaker Mamun Ahmed, and Chad Fenner","author":"Cheenepalli Jayaprakashreddy","year":"2025","unstructured":"Jayaprakashreddy Cheenepalli, John Hastings, Khandaker Mamun Ahmed, and Chad Fenner. 2025. Advancing DevSecOps in SMEs: Challenges and Best Practices for Secure CI\/CD Pipelines. Research & Publications 104. https:\/\/scholar.dsu.edu\/ccspapers\/104"},{"key":"e_1_3_3_1_5_2","first-page":"1","article-title":"Scaling DevOps in Large Enterprises: Challenges and Solutions","volume":"8","author":"Maclean Louis","year":"2019","unstructured":"Louis Maclean. 2019. Scaling DevOps in Large Enterprises: Challenges and Solutions. SSRN Electronic Journal 8, 1 (January 2019), 366-378.","journal-title":"SSRN Electronic Journal"},{"key":"e_1_3_3_1_6_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2019.2930000"},{"key":"e_1_3_3_1_7_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2022.106894"},{"key":"e_1_3_3_1_8_2","doi-asserted-by":"publisher","DOI":"10.1088\/1742-6596\/1964\/4\/042045"},{"key":"e_1_3_3_1_9_2","first-page":"5","article-title":"DevSecOps: Integrating security into the DevOps lifecycle","volume":"1","author":"Mustyala Anirudh","year":"2023","unstructured":"Anirudh Mustyala. 2023. DevSecOps: Integrating security into the DevOps lifecycle, ISAR Journal of Multidisciplinary Research and Studies, 1, 5 (November 2023).","journal-title":"ISAR Journal of Multidisciplinary Research and Studies"},{"key":"e_1_3_3_1_10_2","first-page":"7","article-title":"A Systematic Review of DevSecOps: Bridging Security and Agile Development for Resilient Software Systems","volume":"21","author":"Veeramachaneni Vinod","year":"2023","unstructured":"Vinod Veeramachaneni. 2023. A Systematic Review of DevSecOps: Bridging Security and Agile Development for Resilient Software Systems, NeuroQuantology 21, 7 (December 2023), 1251\u20131255.","journal-title":"NeuroQuantology"},{"key":"e_1_3_3_1_11_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2024.107605"},{"key":"e_1_3_3_1_12_2","doi-asserted-by":"publisher","DOI":"10.5281\/zenodo.14921426"},{"key":"e_1_3_3_1_13_2","volume-title":"2022 IEEE 29th Annual Software Technology Conference (STC). 10","author":"Arseneault Emily","year":"2022","unstructured":"Emily Arseneault, Daniel Boudreau, Jarred Lien, and Gregory Young. 2022. Experience-Based Guidelines for Effective Planning & Management of Software Integration & Test Activities in the Agile\/DevSecOps Environment. 155-155. 2022 IEEE 29th Annual Software Technology Conference (STC). 10.1109\/STC55697.2022.00028."},{"key":"e_1_3_3_1_14_2","unstructured":"Gautam Bollieddula. 2022. Challenges and Solutions in the Implementation of DevOps Tools & Security (DevSecOps): A Systematic Review Culminating Projects in Information Assurance 127."},{"key":"e_1_3_3_1_15_2","doi-asserted-by":"publisher","DOI":"10.1109\/icd47981.2019.9105789"},{"key":"e_1_3_3_1_16_2","doi-asserted-by":"publisher","DOI":"10.3390\/electronics11223707"},{"key":"e_1_3_3_1_17_2","doi-asserted-by":"publisher","DOI":"10.1145\/3387940.3392233"},{"key":"e_1_3_3_1_18_2","doi-asserted-by":"publisher","DOI":"10.1049\/sfw2.12132"},{"key":"e_1_3_3_1_19_2","doi-asserted-by":"publisher","DOI":"10.1109\/icit58056.2023.10226018"},{"key":"e_1_3_3_1_20_2","doi-asserted-by":"publisher","DOI":"10.13189\/csit.2022.100401"},{"key":"e_1_3_3_1_21_2","volume-title":"Revista de Inteligencia Artificial en Medicina, 15, 1 (October","author":"Qasim Naveed","year":"2024","unstructured":"Naveed Qasim and Muhammad Bilal. 2024. DevSecOps: Integrating Security into IT Development and Operations, Revista de Inteligencia Artificial en Medicina, 15, 1 (October 2024)."},{"key":"e_1_3_3_1_22_2","volume-title":"Continuous Resilience: DevSecOps Strategies for Cloud and Quantum Platforms, Informatica Economic\u0103, 28, 4 (December","author":"Ticu-Jianu Robert","year":"2024","unstructured":"Robert Ticu-Jianu. 2024. Continuous Resilience: DevSecOps Strategies for Cloud and Quantum Platforms, Informatica Economic\u0103, 28, 4 (December 2024), 63-73."},{"key":"e_1_3_3_1_23_2","doi-asserted-by":"publisher","unstructured":"Vishnu Pendyala. 2020. Evolution of integration build test and Release Engineering into DevOps and to DevSecOps Tools and Techniques for Software Development in Large Organizations: Emerging Research and Opportunities (January 2020) 1\u201320. 10.4018\/978-1-7998-1863-2.ch001","DOI":"10.4018\/978-1-7998-1863-2.ch001"},{"key":"e_1_3_3_1_24_2","doi-asserted-by":"publisher","DOI":"10.1109\/ms.2022.3212194"},{"key":"e_1_3_3_1_25_2","doi-asserted-by":"publisher","unstructured":"Roshan Namal Rajapakse Mansooreh Zahedi and Muhammad Ali Babar. 2022. Collaborative Application Security Testing for DevSecOps: An empirical analysis of challenges best practices and tool support. arXiv.org (November 22). 10.48550\/arXiv.2211.06953","DOI":"10.48550\/arXiv.2211.06953"},{"key":"e_1_3_3_1_26_2","doi-asserted-by":"publisher","DOI":"10.1109\/access.2025.3549183"},{"key":"e_1_3_3_1_27_2","doi-asserted-by":"publisher","DOI":"10.1145\/3442167.3442178"},{"key":"e_1_3_3_1_28_2","doi-asserted-by":"publisher","DOI":"10.1145\/3383219.3383285"},{"key":"e_1_3_3_1_29_2","doi-asserted-by":"publisher","DOI":"10.60087\/jklst.vol2.n2.p212"},{"key":"e_1_3_3_1_30_2","doi-asserted-by":"publisher","DOI":"10.1109\/access.2025.3547932"},{"key":"e_1_3_3_1_31_2","doi-asserted-by":"publisher","DOI":"10.1184\/R1\/19193099.v1"},{"key":"e_1_3_3_1_32_2","doi-asserted-by":"publisher","DOI":"10.1109\/iisa62523.2024.10786669"},{"key":"e_1_3_3_1_33_2","first-page":"1","article-title":"DevSecOps","volume":"6","author":"Sandu Arun Kumar","year":"2021","unstructured":"Arun Kumar Sandu. 2021. DevSecOps: Integrating Security into the DevOps Lifecycle for Enhanced Resilience, Technology and Management Review, 6, 1 (February 2021), 1-19.","journal-title":"Integrating Security into the DevOps Lifecycle for Enhanced Resilience, Technology and Management Review"},{"key":"e_1_3_3_1_34_2","doi-asserted-by":"publisher","DOI":"10.36948\/ijfmr.2024.v06i04.25026"},{"key":"e_1_3_3_1_35_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICSESS54813.2022.9930212"},{"key":"e_1_3_3_1_36_2","doi-asserted-by":"publisher","DOI":"10.70589\/jrtcse.2024.5.5"},{"key":"e_1_3_3_1_37_2","doi-asserted-by":"publisher","DOI":"10.57125\/fed.2022.25.12.06"},{"key":"e_1_3_3_1_38_2","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-024-00909-w"},{"key":"e_1_3_3_1_39_2","first-page":"1","article-title":"Implementing security by design practice with DevSecOps Shift Left Approach","volume":"2","author":"Voruganti Kiran Kumar","year":"2021","unstructured":"Kiran Kumar Voruganti. 2021. Implementing security by design practice with DevSecOps Shift Left Approach, Journal of Technological Innovations, 2, 1 (February 2021).","journal-title":"Journal of Technological Innovations"},{"key":"e_1_3_3_1_40_2","doi-asserted-by":"publisher","DOI":"10.30574\/wjaets.2024.11.2.0093"},{"key":"e_1_3_3_1_41_2","doi-asserted-by":"publisher","DOI":"10.1109\/access.2024.3434618"},{"key":"e_1_3_3_1_42_2","first-page":"2","article-title":"DevSecOps practices for an agile and secure IT service management","volume":"23","author":"Zaydi Mounia","year":"2020","unstructured":"Mounia Zaydi and Nassereddine Bouchaib. 2020. DevSecOps practices for an agile and secure IT service management, Journal of Management Information and Decision Sciences, 23, 2 (June 2020), 134-149.","journal-title":"Journal of Management Information and Decision Sciences"},{"key":"e_1_3_3_1_43_2","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-024-00914-z"},{"key":"e_1_3_3_1_44_2","doi-asserted-by":"publisher","DOI":"10.2139\/ssrn.3834132"},{"key":"e_1_3_3_1_45_2","volume-title":"Vulnerability management in DevSecOps,\u00a0IRJMETS, 6, 4 (April","author":"Akula Balamurali Sreekanth","year":"2024","unstructured":"Balamurali Sreekanth Akula. 2024. Vulnerability management in DevSecOps,\u00a0IRJMETS, 6, 4 (April 2024)."},{"key":"e_1_3_3_1_46_2","doi-asserted-by":"publisher","DOI":"10.36676\/jrps.v15.i2.1472"},{"key":"e_1_3_3_1_47_2","doi-asserted-by":"publisher","DOI":"10.3390\/info12040154"},{"key":"e_1_3_3_1_48_2","volume-title":"In\u00a0Proceedings of the 15th Dewald Roode Workshop on Information Research\u00a0https:\/\/ifip.byu.edu\/00000188-e1b8-d3db-afbf-e3bd83ff0000\/drw-2023-paper-17","author":"de Kock Jacques","year":"2023","unstructured":"Jacques de Kock and Jacques Ophoff. 2023. Critical success factors for integrating security into DevOps environment, In\u00a0Proceedings of the 15th Dewald Roode Workshop on Information Research\u00a0https:\/\/ifip.byu.edu\/00000188-e1b8-d3db-afbf-e3bd83ff0000\/drw-2023-paper-17"},{"key":"e_1_3_3_1_49_2","doi-asserted-by":"publisher","DOI":"10.56726\/irjmets45309"},{"key":"e_1_3_3_1_50_2","doi-asserted-by":"publisher","DOI":"10.1109\/access.2024.3434618"},{"key":"e_1_3_3_1_51_2","doi-asserted-by":"publisher","DOI":"10.1109\/CyberSecPODS.2019.8884935"},{"key":"e_1_3_3_1_52_2","doi-asserted-by":"publisher","DOI":"10.1109\/ainit61980.2024.10581700"},{"key":"e_1_3_3_1_53_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-23641-7_32"},{"key":"e_1_3_3_1_54_2","doi-asserted-by":"publisher","DOI":"10.48550\/arXiv.2409.03405"}],"event":{"name":"WSSE 2025: 2025 The 7th World Symposium on Software Engineering","location":"Okayama Japan","acronym":"WSSE 2025"},"container-title":["Proceedings of the 2025 7th World Symposium on Software Engineering"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3779657.3779664","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,4,11]],"date-time":"2026-04-11T05:13:49Z","timestamp":1775884429000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3779657.3779664"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,10,24]]},"references-count":54,"alternative-id":["10.1145\/3779657.3779664","10.1145\/3779657"],"URL":"https:\/\/doi.org\/10.1145\/3779657.3779664","relation":{},"subject":[],"published":{"date-parts":[[2025,10,24]]},"assertion":[{"value":"2026-04-10","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}