{"id":4763,"date":"2020-05-27T05:32:54","date_gmt":"2020-05-27T05:32:54","guid":{"rendered":"https:\/\/www.kovair.com\/blog\/?p=4763"},"modified":"2020-05-27T05:32:54","modified_gmt":"2020-05-27T05:32:54","slug":"kovair-devsecops-iso-27005-risk-assessment-process-workflows","status":"publish","type":"post","link":"https:\/\/www.kovair.com\/blogs\/kovair-devsecops-iso-27005-risk-assessment-process-workflows\/","title":{"rendered":"Kovair\u2019s DevSecOps: ISO 27005 Risk Assessment and Process Workflows, extending NG-Firewalls and more!"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-4772\" src=\"https:\/\/www.kovair.com\/blog\/wp-content\/uploads\/sites\/2\/2020\/05\/blog-graphics-367.jpg\" alt=\"Kovair\u2019s DevSecOps\" width=\"1000\" height=\"500\" srcset=\"https:\/\/www.kovair.com\/blogs\/wp-content\/uploads\/sites\/2\/2020\/05\/blog-graphics-367.jpg 1000w, https:\/\/www.kovair.com\/blogs\/wp-content\/uploads\/sites\/2\/2020\/05\/blog-graphics-367-300x150.jpg 300w, https:\/\/www.kovair.com\/blogs\/wp-content\/uploads\/sites\/2\/2020\/05\/blog-graphics-367-768x384.jpg 768w\" sizes=\"auto, (max-width: 1000px) 100vw, 1000px\" \/><\/p>\n<blockquote><p><em>Extended Detection and Response Capabilities Are Emerging to Improve Detection Accuracy and Security Productivity<\/em> \u2013 according to Gartner.<\/p><\/blockquote>\n<h2>But what about Risk Management and Process Compliance Metrics?<\/h2>\n<p>According to Gartner, in their report entitled: \u201cTop Security and Risk Management Trends,\u201d there is an unrelenting adoption of cloud and mobile computing that is disrupting the traditional market and redefining network and server security requirements, with newer solutions required:<\/p>\n<ul>\n<li>Network security is transforming to a cloud-based service delivery model with virtualized firewalls, and cloud-based AI\/ML solutions, from vendors like Palo Alto Networks, and AI\/ML offerings from vendors like Cybraics, Stellar Cyber, and others.<\/li>\n<li>Container security in the cloud, with Kubernetes-based solutions are creating numerous new challenges for securing workloads as teams adapt to an agile application world, from vendors like RedHat, and others.<\/li>\n<li>Zero trust network access (ZTNA) from vendors like ColorTokens (and others) is replacing legacy VPNs, where encrypted network access just means hackers hack securely.<\/li>\n<\/ul>\n<p>According to Gartner\u2019s report above, the following Fig. 1, is a typical architecture, including: EDR: Endpoint Detection and Response, CASB: cloud access security broker, IAM: Identity and Access Management, DLP: Data loss prevention, and Network Firewalls: NTA: network traffic analysis.<\/p>\n<p style=\"text-align: center\"><em><strong>Fig.1:<\/strong> Extended Detection and Response Conceptual Architecture \u2013 Source Gartner.<\/em><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-4764\" src=\"https:\/\/www.kovair.com\/blog\/wp-content\/uploads\/sites\/2\/2020\/05\/DevSecOps1-1.png\" alt=\"DevSecOps\" width=\"661\" height=\"396\" srcset=\"https:\/\/www.kovair.com\/blogs\/wp-content\/uploads\/sites\/2\/2020\/05\/DevSecOps1-1.png 955w, https:\/\/www.kovair.com\/blogs\/wp-content\/uploads\/sites\/2\/2020\/05\/DevSecOps1-1-300x180.png 300w, https:\/\/www.kovair.com\/blogs\/wp-content\/uploads\/sites\/2\/2020\/05\/DevSecOps1-1-768x460.png 768w\" sizes=\"auto, (max-width: 661px) 100vw, 661px\" \/><\/p>\n<p>While NG-Firewalls (next generation) address part of the above, Workflow Process Compliance, solutions, Automation with AI\/ML and vulnerability scanning is needed, along with secure APIs.<\/p>\n<h2>So What about Risk Management?<\/h2>\n<p>The <strong>ISO<\/strong>\u00a0<strong>27005<\/strong>\u00a0<strong>Risk<\/strong>\u00a0<strong>Management<\/strong>\u00a0Standard is part of a suite of standards for information\u00a0<strong>security<\/strong>\u00a0<strong>management.<\/strong><\/p>\n<p style=\"text-align: center\"><em><strong>Fig. 2:<\/strong> The ISO 27005 Risk Management workflow \u2013 Source ISO.org<\/em><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-4765\" src=\"https:\/\/www.kovair.com\/blog\/wp-content\/uploads\/sites\/2\/2020\/05\/DevSecOps2-1.png\" alt=\"DevSecOps\" width=\"529\" height=\"696\" srcset=\"https:\/\/www.kovair.com\/blogs\/wp-content\/uploads\/sites\/2\/2020\/05\/DevSecOps2-1.png 706w, https:\/\/www.kovair.com\/blogs\/wp-content\/uploads\/sites\/2\/2020\/05\/DevSecOps2-1-228x300.png 228w, https:\/\/www.kovair.com\/blogs\/wp-content\/uploads\/sites\/2\/2020\/05\/DevSecOps2-1-137x180.png 137w\" sizes=\"auto, (max-width: 529px) 100vw, 529px\" \/><\/p>\n<p>Kovair&#8217;s task-based workflow helps automate all the phases of reviewing and monitoring risks on a regular basis and then continuously updates the risk plans, which can be part of the ISO 27005 Risk Management Process.<\/p>\n<p style=\"text-align: center\"><em><strong>Fig.3:<\/strong> Risk Management Process<\/em><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-4766\" src=\"https:\/\/www.kovair.com\/blog\/wp-content\/uploads\/sites\/2\/2020\/05\/DevSecOps3.png.jpg\" alt=\"Risk Management Process\" width=\"518\" height=\"515\" srcset=\"https:\/\/www.kovair.com\/blogs\/wp-content\/uploads\/sites\/2\/2020\/05\/DevSecOps3.png.jpg 783w, https:\/\/www.kovair.com\/blogs\/wp-content\/uploads\/sites\/2\/2020\/05\/DevSecOps3.png-300x298.jpg 300w, https:\/\/www.kovair.com\/blogs\/wp-content\/uploads\/sites\/2\/2020\/05\/DevSecOps3.png-150x150.jpg 150w, https:\/\/www.kovair.com\/blogs\/wp-content\/uploads\/sites\/2\/2020\/05\/DevSecOps3.png-768x764.jpg 768w, https:\/\/www.kovair.com\/blogs\/wp-content\/uploads\/sites\/2\/2020\/05\/DevSecOps3.png-181x180.jpg 181w, https:\/\/www.kovair.com\/blogs\/wp-content\/uploads\/sites\/2\/2020\/05\/DevSecOps3.png-50x50.jpg 50w\" sizes=\"auto, (max-width: 518px) 100vw, 518px\" \/><\/p>\n<p>&nbsp;<\/p>\n<p>As shown in the Risk Management Process diagram above, Kovair\u2019s solution helps organizations to capture, manage risks as well as define mitigation plan for every risk without compromising on risk management efficiency. Some of the key capabilities offered by Kovair are:<\/p>\n<ul>\n<li>Provides industry-specific, guided templates empowering teams to instantly begin risk analysis<\/li>\n<li>Allows users to prioritize Risks based on their probability of occurrence and severity<\/li>\n<li>Provides on-screen Risk Matrix based on the likelihood and severity of Risks<\/li>\n<li>Provides integrations with multiple security tools providing visibility to security vulnerabilities<\/li>\n<li>Gives complete visibility of Risks threats or opportunities through real-time reports &amp; dashboards<\/li>\n<li>Allows to define and maintain instantaneous traceability between Design, Process requirements, Risks and Hazards<\/li>\n<\/ul>\n<h3><strong>Conclusion<\/strong><\/h3>\n<p>CIOs and Software Architects of Enterprises embarking on Digital Transformation projects should explore Kovair\u2019s latest DevSecOps-based offerings as they re-vector to newer hybrid multi-cloud datacenters offering newer services: with security vulnerability assessments built-in, via integrated partners, with added Risk Management functions.<\/p>\n<p>In this blog we have discussed the basics of ISO 27005, Risk Management process and how Kovair solution facilitates both of them. Follow-on blogs will include Use Case Scenarios and further benefits of the Kovair solution set.<\/p>\n  <div class=\"related-post grid\">\r\n        <div class=\"headline\">Related Posts<\/div>\r\n    <div class=\"post-list \">\r\n\r\n            <div class=\"item\">\r\n            <div class=\"thumb post_thumb\">\r\n    <a  title=\"Human-Centered Design vs AI-Generated Design: What Users Actually Prefer\" href=\"https:\/\/www.kovair.com\/blogs\/human-centered-design-vs-ai-generated-design-what-users-actually-prefer\/\">\r\n\r\n      <img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"500\" src=\"https:\/\/www.kovair.com\/blogs\/wp-content\/uploads\/sites\/2\/2026\/05\/blog-graphics-1130--800x500.jpg\" class=\"attachment-post-thumbnail size-post-thumbnail wp-post-image\" alt=\"Human-Centered Design vs AI-Generated Design\" \/>\r\n\r\n    <\/a>\r\n  <\/div>\r\n\r\n  <a class=\"title post_title\"  title=\"Human-Centered Design vs AI-Generated Design: What Users Actually Prefer\" href=\"https:\/\/www.kovair.com\/blogs\/human-centered-design-vs-ai-generated-design-what-users-actually-prefer\/\">\r\n        Human-Centered Design vs AI-Generated Design: What Users Actually Prefer  <\/a>\r\n\r\n        <\/div>\r\n              <div class=\"item\">\r\n            <div class=\"thumb post_thumb\">\r\n    <a  title=\"Security Considerations in Fintech Product Development\" href=\"https:\/\/www.kovair.com\/blogs\/security-considerations-in-fintech-product-development\/\">\r\n\r\n      <img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"500\" src=\"https:\/\/www.kovair.com\/blogs\/wp-content\/uploads\/sites\/2\/2026\/05\/blog-graphics-1128-800x500.jpg\" class=\"attachment-post-thumbnail size-post-thumbnail wp-post-image\" alt=\"Security Considerations in Fintech\" \/>\r\n\r\n    <\/a>\r\n  <\/div>\r\n\r\n  <a class=\"title post_title\"  title=\"Security Considerations in Fintech Product Development\" href=\"https:\/\/www.kovair.com\/blogs\/security-considerations-in-fintech-product-development\/\">\r\n        Security Considerations in Fintech Product Development  <\/a>\r\n\r\n        <\/div>\r\n              <div class=\"item\">\r\n            <div class=\"thumb post_thumb\">\r\n    <a  title=\"Streamlining the Supply Chain: Advanced Data Integration Strategies for Logistics Software\" href=\"https:\/\/www.kovair.com\/blogs\/streamlining-the-supply-chain-advanced-data-integration-strategies-for-logistics-software\/\">\r\n\r\n      <img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"500\" src=\"https:\/\/www.kovair.com\/blogs\/wp-content\/uploads\/sites\/2\/2026\/04\/blog-graphics-1125-800x500.jpg\" class=\"attachment-post-thumbnail size-post-thumbnail wp-post-image\" alt=\"Streamlining the Supply Chain\" \/>\r\n\r\n    <\/a>\r\n  <\/div>\r\n\r\n  <a class=\"title post_title\"  title=\"Streamlining the Supply Chain: Advanced Data Integration Strategies for Logistics Software\" href=\"https:\/\/www.kovair.com\/blogs\/streamlining-the-supply-chain-advanced-data-integration-strategies-for-logistics-software\/\">\r\n        Streamlining the Supply Chain: Advanced Data Integration Strategies for Logistics Software  <\/a>\r\n\r\n        <\/div>\r\n      \r\n  <\/div>\r\n\r\n  <script>\r\n      <\/script>\r\n  <style>\r\n    .related-post {}\r\n\r\n    .related-post .post-list {\r\n      text-align: left;\r\n          }\r\n\r\n    .related-post .post-list .item {\r\n      margin: 10px;\r\n      padding: 0px;\r\n          }\r\n\r\n    .related-post .headline {\r\n      font-size: 18px !important;\r\n      color: #999999 !important;\r\n          }\r\n\r\n    .related-post .post-list .item .post_thumb {\r\n      max-height: 150px;\r\n      margin: 10px 0px;\r\n      padding: 0px;\r\n      display: block;\r\n          }\r\n\r\n    .related-post .post-list .item .post_title {\r\n      font-size: 14px;\r\n      color: #3f3f3f;\r\n      margin: 10px 0px;\r\n      padding: 0px;\r\n      display: block;\r\n      text-decoration: none;\r\n          }\r\n\r\n    .related-post .post-list .item .post_excerpt {\r\n      font-size: 13px;\r\n      color: #3f3f3f;\r\n      margin: 10px 0px;\r\n      padding: 0px;\r\n      display: block;\r\n      text-decoration: none;\r\n          }\r\n\r\n    @media only screen and (min-width: 1024px) {\r\n      .related-post .post-list .item {\r\n        width: 30%;\r\n      }\r\n    }\r\n\r\n    @media only screen and (min-width: 768px) and (max-width: 1023px) {\r\n      .related-post .post-list .item {\r\n        width: 90%;\r\n      }\r\n    }\r\n\r\n    @media only screen and (min-width: 0px) and (max-width: 767px) {\r\n      .related-post .post-list .item {\r\n        width: 90%;\r\n      }\r\n    }\r\n\r\n      <\/style>\r\n    <\/div>\r\n","protected":false},"excerpt":{"rendered":"<p>Extended Detection and Response Capabilities Are Emerging to Improve Detection Accuracy and Security Productivity \u2013 according to Gartner. But what about Risk Management and Process&#8230;..<\/p>\n","protected":false},"author":36,"featured_media":4772,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[14,15],"tags":[59,63,87],"class_list":["post-4763","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-devops","category-devsecops","tag-devops","tag-devsecops","tag-knowledge-base"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>DevSecOps: ISO27005 Risk Assessment, Process Workflows - Kovair Blog<\/title>\n<meta name=\"description\" content=\"Read more about - Kovair\u2019s DevSecOps: ISO 27005 Risk Assessment and Process Workflows, extending NG-Firewalls and more!\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.kovair.com\/blogs\/kovair-devsecops-iso-27005-risk-assessment-process-workflows\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"DevSecOps: ISO27005 Risk Assessment, Process Workflows - Kovair Blog\" \/>\n<meta property=\"og:description\" content=\"Read more about - Kovair\u2019s DevSecOps: ISO 27005 Risk Assessment and Process Workflows, extending NG-Firewalls and more!\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.kovair.com\/blogs\/kovair-devsecops-iso-27005-risk-assessment-process-workflows\/\" \/>\n<meta property=\"og:site_name\" content=\"Kovair Blog\" \/>\n<meta property=\"article:published_time\" content=\"2020-05-27T05:32:54+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.kovair.com\/blogs\/wp-content\/uploads\/sites\/2\/2020\/05\/blog-graphics-367.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1000\" \/>\n\t<meta property=\"og:image:height\" content=\"500\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Akshay Sharma\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Akshay Sharma\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/kovair-devsecops-iso-27005-risk-assessment-process-workflows\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/kovair-devsecops-iso-27005-risk-assessment-process-workflows\\\/\"},\"author\":{\"name\":\"Akshay Sharma\",\"@id\":\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/#\\\/schema\\\/person\\\/1117aca9496762ba7140a1684d7d0b3b\"},\"headline\":\"Kovair\u2019s DevSecOps: ISO 27005 Risk Assessment and Process Workflows, extending NG-Firewalls and more!\",\"datePublished\":\"2020-05-27T05:32:54+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/kovair-devsecops-iso-27005-risk-assessment-process-workflows\\\/\"},\"wordCount\":509,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/kovair-devsecops-iso-27005-risk-assessment-process-workflows\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/wp-content\\\/uploads\\\/sites\\\/2\\\/2020\\\/05\\\/blog-graphics-367.jpg\",\"keywords\":[\"DevOps\",\"DevSecOps\",\"Knowledge Base\"],\"articleSection\":[\"DevOps\",\"DevSecOps\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/kovair-devsecops-iso-27005-risk-assessment-process-workflows\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/kovair-devsecops-iso-27005-risk-assessment-process-workflows\\\/\",\"url\":\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/kovair-devsecops-iso-27005-risk-assessment-process-workflows\\\/\",\"name\":\"DevSecOps: ISO27005 Risk Assessment, Process Workflows - Kovair Blog\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/kovair-devsecops-iso-27005-risk-assessment-process-workflows\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/kovair-devsecops-iso-27005-risk-assessment-process-workflows\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/wp-content\\\/uploads\\\/sites\\\/2\\\/2020\\\/05\\\/blog-graphics-367.jpg\",\"datePublished\":\"2020-05-27T05:32:54+00:00\",\"description\":\"Read more about - Kovair\u2019s DevSecOps: ISO 27005 Risk Assessment and Process Workflows, extending NG-Firewalls and more!\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/kovair-devsecops-iso-27005-risk-assessment-process-workflows\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/kovair-devsecops-iso-27005-risk-assessment-process-workflows\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/kovair-devsecops-iso-27005-risk-assessment-process-workflows\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/wp-content\\\/uploads\\\/sites\\\/2\\\/2020\\\/05\\\/blog-graphics-367.jpg\",\"contentUrl\":\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/wp-content\\\/uploads\\\/sites\\\/2\\\/2020\\\/05\\\/blog-graphics-367.jpg\",\"width\":1000,\"height\":500,\"caption\":\"Kovair\u2019s DevSecOps\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/kovair-devsecops-iso-27005-risk-assessment-process-workflows\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Kovair\u2019s DevSecOps: ISO 27005 Risk Assessment and Process Workflows, extending NG-Firewalls and more!\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/#website\",\"url\":\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/\",\"name\":\"Kovair Blog\",\"description\":\"Kovair Latest Updates and Articles\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/#organization\",\"name\":\"Kovair Blog\",\"url\":\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/wp-content\\\/uploads\\\/sites\\\/2\\\/2025\\\/07\\\/Kovair-blog-logo-2023-1.png\",\"contentUrl\":\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/wp-content\\\/uploads\\\/sites\\\/2\\\/2025\\\/07\\\/Kovair-blog-logo-2023-1.png\",\"width\":275,\"height\":50,\"caption\":\"Kovair Blog\"},\"image\":{\"@id\":\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/#\\\/schema\\\/person\\\/1117aca9496762ba7140a1684d7d0b3b\",\"name\":\"Akshay Sharma\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/cb092b1b8cb34f9c20433e4b0812ee70437f9d6df6a22a14147d439c5fd13e7d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/cb092b1b8cb34f9c20433e4b0812ee70437f9d6df6a22a14147d439c5fd13e7d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/cb092b1b8cb34f9c20433e4b0812ee70437f9d6df6a22a14147d439c5fd13e7d?s=96&d=mm&r=g\",\"caption\":\"Akshay Sharma\"},\"url\":\"https:\\\/\\\/www.kovair.com\\\/blogs\\\/author\\\/akshay-sharma\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"DevSecOps: ISO27005 Risk Assessment, Process Workflows - Kovair Blog","description":"Read more about - Kovair\u2019s DevSecOps: ISO 27005 Risk Assessment and Process Workflows, extending NG-Firewalls and more!","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.kovair.com\/blogs\/kovair-devsecops-iso-27005-risk-assessment-process-workflows\/","og_locale":"en_US","og_type":"article","og_title":"DevSecOps: ISO27005 Risk Assessment, Process Workflows - Kovair Blog","og_description":"Read more about - Kovair\u2019s DevSecOps: ISO 27005 Risk Assessment and Process Workflows, extending NG-Firewalls and more!","og_url":"https:\/\/www.kovair.com\/blogs\/kovair-devsecops-iso-27005-risk-assessment-process-workflows\/","og_site_name":"Kovair Blog","article_published_time":"2020-05-27T05:32:54+00:00","og_image":[{"width":1000,"height":500,"url":"https:\/\/www.kovair.com\/blogs\/wp-content\/uploads\/sites\/2\/2020\/05\/blog-graphics-367.jpg","type":"image\/jpeg"}],"author":"Akshay Sharma","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Akshay Sharma","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.kovair.com\/blogs\/kovair-devsecops-iso-27005-risk-assessment-process-workflows\/#article","isPartOf":{"@id":"https:\/\/www.kovair.com\/blogs\/kovair-devsecops-iso-27005-risk-assessment-process-workflows\/"},"author":{"name":"Akshay Sharma","@id":"https:\/\/www.kovair.com\/blogs\/#\/schema\/person\/1117aca9496762ba7140a1684d7d0b3b"},"headline":"Kovair\u2019s DevSecOps: ISO 27005 Risk Assessment and Process Workflows, extending NG-Firewalls and more!","datePublished":"2020-05-27T05:32:54+00:00","mainEntityOfPage":{"@id":"https:\/\/www.kovair.com\/blogs\/kovair-devsecops-iso-27005-risk-assessment-process-workflows\/"},"wordCount":509,"commentCount":0,"publisher":{"@id":"https:\/\/www.kovair.com\/blogs\/#organization"},"image":{"@id":"https:\/\/www.kovair.com\/blogs\/kovair-devsecops-iso-27005-risk-assessment-process-workflows\/#primaryimage"},"thumbnailUrl":"https:\/\/www.kovair.com\/blogs\/wp-content\/uploads\/sites\/2\/2020\/05\/blog-graphics-367.jpg","keywords":["DevOps","DevSecOps","Knowledge Base"],"articleSection":["DevOps","DevSecOps"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.kovair.com\/blogs\/kovair-devsecops-iso-27005-risk-assessment-process-workflows\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.kovair.com\/blogs\/kovair-devsecops-iso-27005-risk-assessment-process-workflows\/","url":"https:\/\/www.kovair.com\/blogs\/kovair-devsecops-iso-27005-risk-assessment-process-workflows\/","name":"DevSecOps: ISO27005 Risk Assessment, Process Workflows - Kovair Blog","isPartOf":{"@id":"https:\/\/www.kovair.com\/blogs\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.kovair.com\/blogs\/kovair-devsecops-iso-27005-risk-assessment-process-workflows\/#primaryimage"},"image":{"@id":"https:\/\/www.kovair.com\/blogs\/kovair-devsecops-iso-27005-risk-assessment-process-workflows\/#primaryimage"},"thumbnailUrl":"https:\/\/www.kovair.com\/blogs\/wp-content\/uploads\/sites\/2\/2020\/05\/blog-graphics-367.jpg","datePublished":"2020-05-27T05:32:54+00:00","description":"Read more about - Kovair\u2019s DevSecOps: ISO 27005 Risk Assessment and Process Workflows, extending NG-Firewalls and more!","breadcrumb":{"@id":"https:\/\/www.kovair.com\/blogs\/kovair-devsecops-iso-27005-risk-assessment-process-workflows\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.kovair.com\/blogs\/kovair-devsecops-iso-27005-risk-assessment-process-workflows\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.kovair.com\/blogs\/kovair-devsecops-iso-27005-risk-assessment-process-workflows\/#primaryimage","url":"https:\/\/www.kovair.com\/blogs\/wp-content\/uploads\/sites\/2\/2020\/05\/blog-graphics-367.jpg","contentUrl":"https:\/\/www.kovair.com\/blogs\/wp-content\/uploads\/sites\/2\/2020\/05\/blog-graphics-367.jpg","width":1000,"height":500,"caption":"Kovair\u2019s DevSecOps"},{"@type":"BreadcrumbList","@id":"https:\/\/www.kovair.com\/blogs\/kovair-devsecops-iso-27005-risk-assessment-process-workflows\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.kovair.com\/blogs\/"},{"@type":"ListItem","position":2,"name":"Kovair\u2019s DevSecOps: ISO 27005 Risk Assessment and Process Workflows, extending NG-Firewalls and more!"}]},{"@type":"WebSite","@id":"https:\/\/www.kovair.com\/blogs\/#website","url":"https:\/\/www.kovair.com\/blogs\/","name":"Kovair Blog","description":"Kovair Latest Updates and Articles","publisher":{"@id":"https:\/\/www.kovair.com\/blogs\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.kovair.com\/blogs\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.kovair.com\/blogs\/#organization","name":"Kovair Blog","url":"https:\/\/www.kovair.com\/blogs\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.kovair.com\/blogs\/#\/schema\/logo\/image\/","url":"https:\/\/www.kovair.com\/blogs\/wp-content\/uploads\/sites\/2\/2025\/07\/Kovair-blog-logo-2023-1.png","contentUrl":"https:\/\/www.kovair.com\/blogs\/wp-content\/uploads\/sites\/2\/2025\/07\/Kovair-blog-logo-2023-1.png","width":275,"height":50,"caption":"Kovair Blog"},"image":{"@id":"https:\/\/www.kovair.com\/blogs\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.kovair.com\/blogs\/#\/schema\/person\/1117aca9496762ba7140a1684d7d0b3b","name":"Akshay Sharma","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/cb092b1b8cb34f9c20433e4b0812ee70437f9d6df6a22a14147d439c5fd13e7d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/cb092b1b8cb34f9c20433e4b0812ee70437f9d6df6a22a14147d439c5fd13e7d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/cb092b1b8cb34f9c20433e4b0812ee70437f9d6df6a22a14147d439c5fd13e7d?s=96&d=mm&r=g","caption":"Akshay Sharma"},"url":"https:\/\/www.kovair.com\/blogs\/author\/akshay-sharma\/"}]}},"_links":{"self":[{"href":"https:\/\/www.kovair.com\/blogs\/wp-json\/wp\/v2\/posts\/4763","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kovair.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kovair.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kovair.com\/blogs\/wp-json\/wp\/v2\/users\/36"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kovair.com\/blogs\/wp-json\/wp\/v2\/comments?post=4763"}],"version-history":[{"count":0,"href":"https:\/\/www.kovair.com\/blogs\/wp-json\/wp\/v2\/posts\/4763\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kovair.com\/blogs\/wp-json\/wp\/v2\/media\/4772"}],"wp:attachment":[{"href":"https:\/\/www.kovair.com\/blogs\/wp-json\/wp\/v2\/media?parent=4763"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kovair.com\/blogs\/wp-json\/wp\/v2\/categories?post=4763"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kovair.com\/blogs\/wp-json\/wp\/v2\/tags?post=4763"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}