<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=1110556&amp;fmt=gif">
Skip to content
    September 13, 2022

    Securing the DX NetOps Development Lifecycle with DevSecOps

    Recent, high-profile cybersecurity exploits, such as Sun Burst and Log4j, demonstrate that every enterprise is only a stone’s throw from a software vulnerability. This becomes especially critical when security is breached in a network monitoring component that has privileged access to core enterprise systems. In the case of Sun Burst, a well-known monitoring software provider made international headlines. By inadvertently delivering a backdoor malware program into an update of its monitoring platform, the software company exposed thousands of organizations, including a number of U.S. government agencies.

    Software supply chain attacks are an emerging threat targeting developers and suppliers. Attackers look for unsecured networks and unsafe software development life cycle (SDLC) practices. When they break in, they change source code and build processes to hide malware in legitimate applications. However, organizations need to trust the software they get from their existing vendors. The reality is that it is nearly impossible for an end-user company to assess the security of every update, of every application, from every supplier they use.

    The successful implementation of secure development practices relies heavily on developers being able to integrate security into their development workflow. In response, forward-thinking organizations have adopted DevSecOps to shift security tactics and strategies toward the early stages of the SDLC. By checking security early and often, issues are reduced, code reliability is improved, and products or services can be launched faster. DevSecOps is not just another “shift-left” paradigm; it has become a strategic piece of the secure SDLC.

    The demand for fast, trusted development has never been more intense. To ensure enterprise-grade software reliability and security, while rapidly delivering updates and new capabilities, the DX NetOps development organization at Broadcom Software relies on DevSecOps. Given the large number of components required in building modern software, there’s no single solution to combat all supply chain threats. That’s why there are a variety of policies, systems, and best practices Broadcom Software uses to secure its SDLC:

    • Automation. Broadcom Software has standardized on proven systems for securing and facilitating continuous integration (CI) and continuous delivery (CD). This has enabled teams to gain full control over builds and limit manual, unaudited interventions.
    • Shift left. Our organization makes the “check early, check often” mantra a reality by scheduling static scans after every code change. As a result, teams uncover security issues and identify third-party components in the source code that may pose vulnerabilities.
    • Continuous audit. Broadcom Software is continually focused on enforcing security throughout the software lifecycle. This includes team education, architectural risk assessment, code analysis, penetration testing, and continuous tracking of vulnerabilities and attack vectors.
    • Bill of materials. Our organization keeps track of what went into every build by creating unique fingerprints related to the source code, the bill of materials, and the system used to create the builds.

    Through these processes and best practices, Broadcom Software has established a level of governance that ensures every team complies with internal procedures, including continuous vulnerability scanning and remediation of reported vulnerabilities. In addition, teams are given extensive guidance for promoting product security.

    By incorporating security from the start, Broadcom Software achieves agility and speed without risking security and compliance. This also gives us an opportunity to foster a culture of innovation, leveraging the benefits provided by the continuous flow of new features and capabilities.

    With cyber threats mounting almost by the day, running up-to-date software is one of the best defenses against security breaches. DX NetOps customers can get service packs on a monthly cadence, so they can keep the product current with the latest security guidelines.

    As version currency is critical to reducing cyber threats and protecting your software investment, Broadcom Software is committed to your successful upgrades. Our Weekend Upgrade Programs help you navigate the upgrade process so you reduce the risk of extended downtime and upgrade failure. With fully staffed support and development teams available during the upgrade weekend, you get all upgrade-related case severities supported, improving the response time to any issues and reducing maintenance window requirements. As a result, there’s never been a better time to consider regular upgrades for DX NetOps, so you can most fully benefit from Broadcom Software’s commitment to delivering enterprise-grade software reliability and security.

    You can learn more about how Broadcom Software ensures DX NetOps remains current with enterprise security guidelines and adapts proactively and intelligently to new vulnerabilities in our white paper, “How Broadcom Software Integrates DevSecOps into the DX NetOps SDLC.“

    Tom Story

    Thomas Story is a product manager for DX NetOps in the AOD division within the Enterprise Software Division at Broadcom. With more than 20 years of domain experience, he has launched many successful solutions, helping customers solve problems with new technology.

    Other resources you might be interested in

    icon
    Solution and Capabilities Briefs July 6, 2026

    Network Observability NCM

    See how Network Observability NCM delivers network configuration management capabilities that automate remediation, ensure compliance, and mitigate risk.

    icon
    Office Hours July 2, 2026

    Rally Office Hours: July 2, 2026

    Explore the July 2, 2026, Rally Office Hours session covering OAuth security updates, the new portfolio item flow states beta, and upcoming event news.

    icon
    Blog June 29, 2026

    Unleashing Enterprise Agility: The Power of Portfolio Kanban Flow States

    Learn how Rally's Customizable Portfolio Item Flow States (PIFS) balance team autonomy with executive visibility to accelerate enterprise value delivery.

    icon
    Blog June 25, 2026

    Chart Your Team’s Analytics Journey with Customizable Dashboards in DX NetOps

    DX NetOps now features customizable dashboards, providing standards-based flexibility and an easy way for new and existing users to add custom dashboards.

    icon
    Blog June 25, 2026

    What’s New in Network Observability for Summer 2026

    Find out about the updates coming to Network Observability by Broadcom. See how you can reduce alert fatigue, automate compliance, and simplify management.

    icon
    Office Hours June 25, 2026

    Rally Office Hours: June 25, 2026

    Explore product tips, including AI-driven story creation, and stay updated on the latest Rally news and upcoming collaborative events for July and August.

    icon
    Office Hours June 18, 2026

    Rally Office Hours: June 18, 2026

    This session covers new in-app notifications, OAuth security updates, technical Q&A on widgets, and upcoming product roadmap sessions for the community.

    icon
    Course June 16, 2026

    Clarity Roadmaps: From Strategy to Execution

    Learn how to use Clarity roadmaps to connect investments, timelines, financials, and delivery commitments in a single view.

    icon
    Office Hours June 11, 2026

    Rally Office Hours: June 11, 2026

    Watch the June 11, 2026, Rally Office Hours for updates on Academy resources, custom page migration goals, AI documentation, and upcoming Q3 roadmap news.