DevOpsPorto Meetup6: Security in the wild by Renato Rodrigues

Transcript

1. Security in the wild By Renato Rodrigues

2. Who Am I Renato Rodrigues - - @simpsOn //pathonproject..com

3. Agenda The world as we know it Facing the world

   Survival mode

4. The world as we know it Implementation of new features

   New technology hype(s) Distorted notion of time New issues arise every day Security is not part of the process!

5. Facing the world Software Dev. Life Cycle

6. Requirements Who is going to use the system? How will

   they use the system? What data should be input into the system? What data should be output by the system? Requirement Specification document

7. Requirements Product Team Security Perceptions Security Work Improvements

8. Design System Design helps in: - specifying hardware and system

   requirements; - defining overall system architecture (interactions, structures, technologies,...). Implementation and Support Documentation

9. Design Architecture Teams Security Perceptions Security Work Improvements

10. Code The work is divided into modules/units and actual coding

    is started. During this phase, the code should be the developer's main focus. Real Product

11. Code Development Teams Security Perceptions Security Work Improvements

12. Testing After code development, it is necessary to test it

    against the requirements to verify that the product addresses the needs collected during the requirements stage. Product Validation!

13. Testing QA Teams Security Perceptions Security Work Improvements

14. Deployment After successful testing, the product can finally be delivered/deployed

    to the customer. Live to the world!

15. Deployment DevOps Teams Security Perceptions Security Work Improvements

16. S. Software Dev. Life Cycle

17. Thank you for your time! Renato Rodrigues - - @simpsOn

    //pathonproject..com