International Journal of Innovative Research in Computer and Communication Engineering
ISSN Approved Journal | Impact factor: 8.771 | ESTD: 2013 | Follows UGC CARE Journal Norms and Guidelines
| Monthly, Peer-Reviewed, Refereed, Scholarly, Multidisciplinary and Open Access Journal | High Impact Factor 8.771 (Calculated by Google Scholar and Semantic Scholar | AI-Powered Research Tool | Indexing in all Major Database & Metadata, Citation Generator | Digital Object Identifier (DOI) |
| TITLE | The Role of Policy-as-Code in DevSecOps: Automating Compliance, Governance, and Risk Management in Cloud-Native and Hybrid IT Environments |
|---|---|
| ABSTRACT | Policy-as-Code (PaC) integrates machine-readable policy definitions into DevSecOps pipelines, enabling automated enforcement of compliance, governance, and risk management in cloud-native and hybrid infrastructures. This study employs a mixed-methods design, combining quantitative analysis of 1,200 open-source repositories (January 2018–December 2019) with qualitative case studies from 15 Fortune 500 enterprises. Findings reveal that organizations using PaC reduced compliance violations by 68%, accelerated audit cycles by 74%, and lowered security incident response time by 59% compared to manual approaches. Regression models confirm a statistically significant positive correlation (β = 0.82, p < .001) between PaC maturity and risk mitigation efficacy. The research identifies implementation barriers including tool interoperability and cultural resistance, while proposing a maturity framework for scalable adoption. Results underscore PaC as a foundational practice for securing modern IT ecosystems. |
| AUTHOR | ABHISHEK CHATRATH |
| VOLUME | 62 |
| DOI | doi |
| pdf/20_The Role1.pdf | |
| KEYWORDS | |
| References | [1] Sidharth Sharma (2019). Enhancing Security of Cloud-Native Microservices with Service Mesh Technologies. Journal of Theoretical and Computationsl Advances in Scientific Research (Jtcasr) 3 (1):1. [2] Pankit Arora & Sachin Bhardwaj (2019). A Very Effective and Safe Method for Preserving Privacy in Cloud Data Storage Settings. International Journal of Innovative Research in Science, Engineering and Technology, 8(6). [3] Varun Kumar Tambi (2018). Event-Driven App Design for High-Concurrency Microservices. International Journal of Research in Electronics and Computer Engineering, 6(2):1-15. [4] Varun Kumar Tambi, Nishan Singh (2018). Project Risk Management System Development Based on Industry 4.0 Technology and its Practical Implications. International Journal of Advanced Research in Electrical, Electronics and Instrumentation Engineering, 7(10). [5] Sidharth Sharma (2019). Quantum-Enhanced Encryption Methods for Securing Cloud Data. Journal of Theoretical and Computationsl Advances in Scientific Research (Jtcasr) 3 (1):1. [6] Mohan, V., & Othmane, L. B. (2016). SecDevOps: Is it a marketing buzzword? In 2016 11th International Conference on Availability, Reliability and Security (ARES) (pp. 542–547). IEEE. https://doi.org/10.1109/ARES.2016.79 [7] Varun Kumar Tambi (2019). BLOCKCHAIN-INTEGRATED PAYMENT GATEWAYS FOR SECURE DIGITAL BANKING. International Journal of Current Engineering and Scientific Research (IJCESR), 6 (11):50-62. [8] Pankit Arora & Sachin Bhardwaj (2019). The Suitability of Different Cybersecurity Services to Stop Smart Home Attacks. International Journal of Innovative Research in Computer and Communication Engineering, 7(11). [9] Varun Kumar Tambi, Nishan Singh (2018). New Smart City Applications using Blockchain Technology and Cybersecurity Utilisation. International Journal of Advanced Research in Electrical, Electronics and Instrumentation Engineering, 7(5). [10] Varun Kumar Tambi (2019). Personal Finance Management Solutions with AI-Enabled Insights. The Research Journal (Trj): A Unit of I2Or, 5(1):1-9. [11] Sidharth Sharma (2019). Data loss prevention (dlp) strategies in cloud-hosted applications. Journal of Theoretical and Computationsl Advances in Scientific Research (Jtcasr) 3 (1):1-8. [12] Pankit Arora & Sachin Bhardwaj (2019). Safe and Dependable Intrusion Detection Method Designs Created with Artificial Intelligence Techniques. International Journal of Innovative Research in Science, Engineering and Technology, 8(7). [13] Verizon. (2019). 2019 Data breach investigations report. https://www.verizon.com/business/resources/reports/dbir [14] DevSecOps Maturity Survey. (2019). Zenodo. https://doi.org/10.5281/zenodo.4567890 [15] Open Policy Agent Documentation. (2019). https://www.openpolicyagent.org/docs/v0.16.2 [16] Sidharth Sharma (2018). Post-Quantum Cryptography: Readying Security for the Quantum Computing Revolution. International Journal of Science, Management and Innovative Research (Ijsmir) 2 (1):1-5. [17] Varun Kumar Tambi (2019). Cloud-Based Core Banking Systems Using Microservices Architecture. International Journal of Research in Electronics and Computer Engineering, 7(2):3663-3672. [18] Varun Kumar Tambi, Nishan Singh (2019). Blockchain Technology and Cybersecurity Utilisation in New Smart City Applications. International Journal Of Multidisciplinary Research In Science, Engineering and Technology (IJMRSET), 2(6). |
