Skip to content
Navigation Menu
IBM Cloud
  • CatalogCatalog
  • Cost EstimatorCost Estimator
    • HelpHelp
      • Docs
  • Log in
  • Sign up
  • Catalog
  • Cost Estimator
  • Help
    • Docs

  • Navigation settings

Error

Change theme

This feature is in early stage, some parts of the platform might not fully support different themes yet.

Themes
  1. Catalog

DevSecOps Application Lifecycle Management

DevSecOps provides a set of predefined continuous integration, continuous deployment and continuous compliance toolchain templates.

  • IBM
  • Date of last update: 09/25/2025
  • Docs
  • Get help
  • Readme file
  • Details

    Type
    • Terraform
    Provider
    • IBM
    Category
    • Converged infrastructure
    • Enterprise applications
    Last updated
    • 09/25/2025
    Product version
    • 2.8.12
    Variation
    • Deploy to Kubernetes
    Est. deployment time:
    • 5min
    Copy
    Copy
    Copy
    Copy
    Copy
    Copy
  • Docs
  • Get help
  • Readme file

Details

Type
  • Terraform
Provider
  • IBM
Category
  • Converged infrastructure
  • Enterprise applications
Last updated
  • 09/25/2025
Product version
  • 2.8.12
Variation
  • Deploy to Kubernetes
Est. deployment time:
  • 5min
Copy
Copy
Copy
Copy
Copy
Copy

Overview

This deployable architecture provides tools to securely deploy application code using DevSecOps pipelines. Out of the box, these pipelines use popular scanning tools such as SonarQube, Gosec, OWASP Zap (dynamic scan), any unit test framework, and GPG for image signing. Please refer to the Deployment guide to understand the requirements beforehand.

Features and capabilities

DevSecOps

A complete end to end GitOps based reference architecture for managing the security posture of your application.

Select a variation

Select a variation

DevSecOps Toolchains

Focus sentinel
Close

DevSecOps Toolchains

Focus sentinel

The DevSecOps Application Lifecycle Management deployable architecture consists of three Continuous Delivery Toolchains, one each for development (Continuous Integration), production deployment (Continuous Deployment), and ongoing compliance validation for the deployed app (Continuous Compliance). Together they enable secure and compliant application delivery on IBM Cloud.

The IBM Cloud Security and Compliance Center manages compliance profiles that indicate when a product meets defined requirements. Each profile can contain multiple controls. Only controls that are claimed and scanned are displayed in the table. DevSecOps Application Lifecycle Management claims the following security and compliance information.

IBM Cloud Framework for Financial Services profile

Profile version 1.6.0

Partial scan
Category
Description
CMConfiguration Management
RARisk Assessment
SASystem and Services Acquisition
SISystem and Information Integrity

Getting support

Disclaimer: This product is currently available for a select number of customers and internal IBM users only. It is provided as is and might change frequently, therefore it is available to use at your own risk. IBM Cloud support is not available for this product at this time. If you would like to provide us feedback get in touch by going to the question mark in the header and clicking on feedback.


If you're experiencing issues with this product, use the following support information.

https://github.com/terraform-ibm-modules/terraform-ibm-devsecops
https://github.com/terraform-ibm-modules/terraform-ibm-devsecops/issues
24 hours / 7 days a week

72 hours

Support locations

Support locations refer to all of the countries in which product support teams are located.

  • Ireland
  • You must wait 1 hour after you contact this product's support before you can begin the escalation process.

    Copy

    1 hour

Summary

DevSecOps Application Lifecycle Management

    0 resources
    • DevSecOps Application Lifecycle Management
      0 resources
      $0.00/mo
      • Total estimated cost
        *$0.00/mo
      Already have an account? Log in