Upgrade to Pro — share decks privately, control downloads, hide ads and more …

DevSecOps Best Practices- Secure Everything You...

Sena Yakut
April 21, 2024
130

DevSecOps Best Practices- Secure Everything You Have

Sena Yakut

April 21, 2024
Tweet

Transcript

  1. About me! DevSecOps Best Practices: Secure Everything You Have Sena

    Yakut Senior Cloud Security Engineer senayakut.com sena_yakutt sena-yakut Lyrebird Studio
  2. We don't live in a perfect world. Even the smallest

    thing you do is worth its weight in gold.
  3. We do not focus on tools. You can choose whatever

    you want. Your architecture, Your team, Your budget
  4. Code - Static Application Security Testing (SAST), - Software Composition

    Analysis, - Supply Chain Attacks, - Secure Pipelines, - Secret Scanning
  5. Build and Test - Dynamic Application Security Testing (DAST): Mobile

    apps, web apps - Cloud Configuration Checks, - Vulnerability Management, - Penetration Testing, - API Testing
  6. Operate and Monitor - Alerts and Monitoring, - Threat Intelligence,

    - Log Analysis, - Asset Inventory and Monitoring
  7. Cultural Aspect -Automation alone will not solve the problems. -Encourage

    your security mindset. -Avoid the blame game. -Build relationships with teams, don’t isolate.
  8. DevSecOps Best Practices: Secure Everything You Have Sena Yakut Senior

    Cloud Security Engineer senayakut.com sena_yakutt sena-yakut Lyrebird Studio