U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.


Secure websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to our website. Please do not share sensitive information with us.

SP 800-204C

Implementation of DevSecOps for a Microservices-based Application with Service Mesh

Date Published: March 2022


Ramaswamy Chandramouli (NIST)



container orchestration and resource management platform; DevSecOps; CI/CD pipelines; infrastructure as code; policy as code; observability as code; GitOps; workflow models; static AST; dynamic AST; interactive AST; SCA
Control Families

None selected


SP 800-204C (DOI)
Local Download

Supplemental Material:
None available

Other Parts of this Publication:
SP 800-204
SP 800-204A
SP 800-204B

Document History:
09/29/21: SP 800-204C (Draft)
03/08/22: SP 800-204C (Final)