in a Git repository - Git as the “single source of truth” - immutable infrastructure => Infrastructure as Code - immutable containers => Docker - declarative container orchestration => Kubernetes
of the software development lifecycle - A security team should be part of the engineering team - Scanning during development - Assuming defence in depth for read/write access across environments - Hardening of containers - Secure deployment of containers into Kubernetes