Enhancing Secure Software Development with AZTRM-D: An AI-Integrated Approach Combining DevSecOps, Risk Management, and Zero Trust

Enhancing Secure Software Development with AZTRM-D: An AI-Integrated Approach Combining DevSecOps, Risk Management, and Zero Trust

This paper introduces the Automated Zero Trust Risk Management with DevSecOps Integration (AZTRM-D) framework, a novel approach that embeds security throughout the entire Secure Software and System Development Life Cycle (S-SDLC). AZTRM-D strategically unifies three established methodologies: DevSec...

Full description

Saved in:

Bibliographic Details
Main Authors:	Ian Coston, Karl David Hezel, Eadan Plotnizky, Mehrdad Nojoumian
Format:	Article
Language:	English
Published:	MDPI AG 2025-07-01
Series:	Applied Sciences
Subjects:	DevSecOps NIST Risk Management Framework (RMF) NIST Zero Trust (ZT) Artificial Intelligence (AI) Secure Software and System Development Life Cycle (S-SDLC) Automated Zero Trust Risk Management with DevSecOps Integration (AZTRM-D)
Online Access:	https://www.mdpi.com/2076-3417/15/15/8163
Tags:	Add Tag No Tags, Be the first to tag this record!

Similar Items

Container Security in Cloud Environments: A Comprehensive Analysis and Future Directions for DevSecOps
by: Santosh Ugale, et al.
Published: (2023-12-01)

Extensive Review of Threat Models for DevSecOps
by: S Nagasundari, et al.
Published: (2025-01-01)

Security Hardening and Compliance Assessment of Kubernetes Control Plane and Workloads
by: Zlatan Morić, et al.
Published: (2025-06-01)

Smart Automation for Enhancing Cybersecurity
by: Ângelo Neves, et al.
Published: (2023-03-01)

Microservices-Driven Automation in Full-Stack Development: Bridging Efficiency and Innovation With FSMicroGenerator
by: Samira Khalfaoui, et al.
Published: (2025-01-01)

Exploring the Integration of Blockchain and Distributed DevOps for Secure, Transparent, and Traceable Software Development
by: Junaid Nasir Qureshi, et al.
Published: (2025-01-01)

Practical Comparison Between the CI/CD Platforms Azure DevOps and GitHub
by: Vladislav Manolov, et al.
Published: (2025-03-01)

ArtifactOps and ArtifactDL: a methodology and a language for conceptualizing and operationalising different types of pipelines
by: Raúl Miñón, et al.
Published: (2025-08-01)

Proactive Data Categorization for Privacy in DevPrivOps
by: Catarina Silva, et al.
Published: (2025-02-01)

Continuous Resilience: DevSecOps Strategies for Cloud and Quantum Platforms
by: Robert TICU-JIANU
Published: (2024-01-01)

GATEKEEPER Platform: Secure Processing Environment for European Health Data Space
by: Eugenio Gaeta, et al.
Published: (2025-01-01)

Enhancing Invoice Processing Automation Through the Integration of DevOps Methodologies and Machine Learning
by: Oana-Alexandra Dragomirescu, et al.
Published: (2025-01-01)

Integrating Time Series Anomaly Detection Into DevOps Workflows
by: Gustav Kanahols, et al.
Published: (2025-01-01)

Formulating an Engineering Framework for Future AI Certification in Aviation
by: Johann Maximilian Christensen, et al.
Published: (2025-05-01)

Best Practices Evidenced for Software Development Based on DevOps and Scrum: A Literature Review
by: Manuel Pastrana, et al.
Published: (2025-05-01)

Enhancing DataOps practices through innovative collaborative models: A systematic review
by: Aymen Fannouch, et al.
Published: (2025-06-01)

Los Algoritmos, métricas y validación en la estimación del esfuerzo y su impacto en la gestión de proyectos DevOps un mapeo sistemático de la literatura
by: Iliana Alvarado, et al.
Published: (2024-02-01)

Integrating Scrum and DevOps for Very Small Entities in South America: Design of an Implementation Guide
by: Manuel Pastrana, et al.
Published: (2025-05-01)

Disciplined Delivery and Organizational Design Maturity: A Socio-Technical Evolutionary Journey
by: Miguel A. Oltra-Rodríguez, et al.
Published: (2025-05-01)

A Reference Architecture for On-Premises Software-Defined Infrastructure Using Model-Based Systems Engineering
by: Eric S. Enos, et al.
Published: (2025-01-01)

Sec61s and Sec62/Sec63 Genes Are Essential for Survival by Regulating the Gut and Cuticle Development in <i>Locusta migratoria</i>
by: Xiaojian Liu, et al.
Published: (2025-05-01)

Towards a Definition of Computing Continuum
by: Pablo Josue Rojas Yepes, et al.
Published: (2025-07-01)

Research on intelligent cloud native architecture and key technologies for cloud and network integration
by: Gang LU, et al.
Published: (2020-09-01)

MANDİBULADA GÖRÜLEN SANTRAL DEV HÜCRELİ GRANÜLOMUN SİSTEMİK KALSİTONİN UYGULAMASI İLE TEDAVİSİ: BİR OLGU SUNUMU
by: Bozkurt Kubilay Işık, et al.
Published: (2018-04-01)

5G defense network using commercial gNodeB with zero trust architecture
by: Woocheol Kim, et al.
Published: (2025-06-01)

İmmunsüpresif olmayan hastalarda görülen ve muayene ile kolayca tanı alan ‘’Dev Molloskum’’ olguları
by: Mehmet Melikoğlu
Published: (2023-04-01)

Dev Uterin Myomda Yönetim: Olgu Sunumu
by: Ahmet Kale, et al.
Published: (2015-09-01)

NIST Cybersecurity Framework in the Lens of Indonesian Internal Auditors
by: Darojatum Muthi’atur Rofi’ah
Published: (2025-03-01)

Forensic Tool Comparison on Instagram Digital Evidence Based on Android with The NIST Method
by: Imam Riadi, et al.
Published: (2018-11-01)

INTEGRACIÓN Y DESPLIEGUE CONTINUO CON DEVOPS COMO CULTURA EN EMPRESAS DEL SECTOR TI COLOMBIANAS
by: Gilberth Nick Cruz González, et al.
Published: (2023-01-01)

Simulation-Based Development of Internet of Cyber-Things Using DEVS
by: Laurent Capocchi, et al.
Published: (2025-06-01)

The Sec61 translocon is a therapeutic vulnerability in multiple myeloma
by: Antoine Domenger, et al.
Published: (2022-01-01)

Discrete Event System Specification for IoT Applications
by: Iman Alavi Fazel, et al.
Published: (2024-12-01)

A SURVEY ON ZERO TRUST SECURITY – APPLICATIONS AND CHALLENGES
by: Varun Varma Sangaraju, et al.
Published: (2025-03-01)

Improvement on the construction of nonbinary t-sEC/AUED codes
by: ZHANG Peng-cheng, et al.
Published: (2006-01-01)

Improvement on the construction of nonbinary t-sEC/AUED codes
by: ZHANG Peng-cheng, et al.
Published: (2006-01-01)

Post-Quantum Migration of the Tor Application
by: Denis Berger, et al.
Published: (2025-04-01)

Dynamic Data Updates and Weight Optimization for Predicting Vulnerability Exploitability
by: K. Bennouk, et al.
Published: (2025-01-01)

Committing AE from Sponges
by: Juliane Krämer, et al.
Published: (2024-12-01)

Design and Hardware Implementation of a Highly Flexible PRNG System for NIST-Validated Pseudorandom Sequences
by: María de Lourdes Rivas Becerra, et al.
Published: (2025-05-01)