Techniques for providing a framework that quantifies security in DevOps deployments. The framework includes receiving parameters pertaining to specified factors relevant to security in multiple stages of a DevOps deployment, generating measurement values of the received parameters, calculating a score indicative of an overall level of security in the DevOps deployment based on an aggregation of the measurement values, and, in response to a comparison result of the calculated score against a predetermined threshold, detecting and identifying at least one security gap in the DevOps deployment. In this way, the detection and identification of potential gaps in DevOps security can be made earlier (or “shifted left”), allowing them to be addressed and/or mitigated with reduced DevOps downtime or failure.