Securing financial transactions: DevSecOps best practices for banking applications

The growing reliance on digital banking platforms has heightened the need for robust and integrated security mechanisms in financial applications. DevSecOps—a practice that integrates security into every phase of the software development lifecycle—has emerged as a leading strategy for mitigating risks and enhancing secure transaction processing. This study investigates the awareness, implementation, benefits, and challenges of DevSecOps in Nigerian banking and fintech organizations. Using a quantitative research approach, data were collected via structured questionnaires administered to 42 IT professionals including DevOps engineers, cybersecurity analysts, and compliance officers. Findings revealed high levels of awareness and partial implementation of key DevSecOps practices, such as secure coding and CI/CD pipeline integration. However, challenges including toolchain complexity, inadequate training, and poor cross-team collaboration were identified as significant barriers. The study concludes that while DevSecOps has the potential to transform the security landscape of financial transactions, its effectiveness is contingent upon skilled personnel, automated tools, and organizational alignment. Recommendations include targeted training, tool standardization, and enhanced collaboration models to ensure sustained security and operational efficiency in the banking sector.