An extension of the DevOps methodology, this approach integrates security into the development and operation processes. It advocates for security considerations and controls to be included from the initial stages of software development rather than being an afterthought or standalone phase. It underscores a “security as code” culture with ongoing, flexible collaboration between release engineers and security teams.