Agile & DevSecOps

Increase productivity, faster time-to-market

“DevOps” is a methodology that unites software developers, IT operations with extensive automation with the shared goal of delivering high-quality products rapidly and securely. Whilst “DevSecOps” focuses on embedding security seamlessly into these process and automation. The adoption of DevOps and ultimately DevSecOps is often associated with the integration of Agile, which helps to accelerate IT deliveries, improve product quality, speed up the time to market, and eventually create business values.

How can we help?

We help businesses to continuously remain agile and align with the user expectations as well as market standards by delivering applications seamlessly while remaining competitive in the market. We also provide unique expertise and specialist support services needed to manage the evolving cyber security business risks. 

Key Benefits of Agile & DevSecOps

  • Reduced time to market
  • Reduced manual Work
  • Improved productivity
  • Reduced IT infrastructure spend
  • Enhanced application security
  • Increased collaboration 

Our Services

Strategy and Consulting

  • Agile & DevSecOps maturity assessment
    •  Assess organisational maturity in adopting agile & DevSecOps before you embrace
  • DevSecOps landscape review
    • Review existing DevSevOps setup as per industry practice and leader’s vision
  • DevSecOps adoption roadmap
    • Phase wise DevSecOps adoption roadmap and blueprint for a successful organisational transformation
  • Agile enablement strategy
    • Assess organisational maturity in adopting agile delivery methodology



  • Agile transformation
    • SaFe consultants and PSM to drive agile transformation by coaching, mentor and facilitating
  • Version control system management
    • Managed service for complete version control management including migration and branching merging strategy
  • High available CI/CD/CD at enterprise scale
    • Multi branch declarative pipelines for anytime build and deployment in multiple high available environments
  • Infrastructure automation and configuration management
    • Programmable and immutable infrastructure for stable and consistent application environment
  • Continuous testing/ security and code quality improvement
    • Continuous code quality improvement by incorporating shift left testing integrated with CI/CD pipeline
  • Continuous application and infrastructure monitoring
    • Proactive monitoring of infrastructure and application for business continuity and minimum outages

Why PwC?

We are business risk advisors with recognised by industry accreditations for our expertise:

  • Certified by CREST, the UK industry body for a cyber security marketplace of regulated professional services, which validates PwC’s demonstrable level of assurance provided to our clients. Within the Asia Pacific region, PwC Hong Kong is one of the few CREST accredited firms with locally accredited CREST accredited consultants qualified to perform testing against the CREST criteria
  • We combine industry leading application testing technology with technical and business risk advisory.
  • Our team of certified practitioners from both Scrum Master and DevOps practices leverage our proprietary DevSecOps platform to orchestrate and automate application security testing across the software lifecycle. This reduces the misadministration of security assessments and brings together testing from disparate tools for a more holistic view of vulnerabilities.

Contact us

Kenneth Wong

Kenneth Wong

Mainland China and Hong Kong Digital Trust & Risk - Cybersecurity and Privacy Leader, PwC Hong Kong

Tel: +[852] 2289 2719

Kok Tin Gan

Kok Tin Gan

Partner, PwC Hong Kong

Tel: +[852] 2289 1935

Follow us