with security at each step Requirements – Understanding the needs of the project Execution – Coding and deployment based on both dev and security needs Testing – Continual testing through the framework decided on Tracking – Monitoring metrics for success Update – Iteratively make adjustments as necessary
objectives: Deploy collection of environmental data in a simple and secure environment • Ensure all team members understand controls behind the website (blur the line between security and DevOps) • Have developers think of mitigation ahead of time (Such as with reading OWASP top 10)
• Have a think; what to assign for the security team to react to and what to assign for the developers to react to? • Plan the usage of continuous monitoring at every step of the way alongside encrypting and validating data logs • Third Party tools such as Opsgenie
Covid-19 • It doesn’t have to be Agile vs DevSecOps • Getting security to be part of the conversation • Added to the three questions that may be asked, add a “Will there be any security concerns on the infrastructure?” • Iteratively adding monitoring metrics to services
End Decision Tasks Verification Tasks Set Up Access to Services Execution History Security Check Tasks Worker for verification Worker for Security Checks Worker for Setting Access to Services Decider Long poll Long poll Long poll Return results Return results Return results
went! • Product owners also care very much about the security • Evaluate against benchmarks (e.g. CIS Foundations) • Utilizing AWS Inspector • Evaluate tools
the already working DevOps culture, but with a touch on security • Minimal costs • Will bring much benefits down the line • Bottom line: Crucial during the navigation of businesses through Covid-19
awsmena
dayjournal
heleeen
oracle4engineer
handy
tkengo
shinrinakamura
wmsbill
pauli
inductor
kenjikondobai
ham0215
notwaldorf
mraible
danielanewman
vanstee
philnash
tanoku
holman
bkeepers
dougneiner
sferik
kevinliebholz
keavy
