Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
DevSecOps Best Practices- Secure Everything You...
Search
Sponsored
·
Your Podcast. Everywhere. Effortlessly.
Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
→
Sena Yakut
April 21, 2024
220
0
Share
DevSecOps Best Practices- Secure Everything You Have
Sena Yakut
April 21, 2024
More Decks by Sena Yakut
See All by Sena Yakut
The Magic Behind Automated Security Response on AWS
senayakut
0
8
AWS Cloud Security Fundamentals
senayakut
0
100
When Cloud Security Meets AI: A Playbook for the Future Leaders
senayakut
0
59
Oops, I Broke It Again - Practicing Safe Chaos in the Cloud
senayakut
0
58
Your AWS Account Got Hacked. What Happens Now?
senayakut
0
66
From Prompt to Prediction: Understanding LLM Outputs
senayakut
0
43
Thank U, Next... Prompt - Securing Generative AI Like a Queen
senayakut
0
71
Dangerous by Design Cloud Security Flaws We Keep Repeating
senayakut
0
380
re:Inforce 2025 - Serverless Threat Response for Amazon S3 Malware Detection
senayakut
0
79
Featured
See All Featured
Navigating Algorithm Shifts & AI Overviews - #SMXNext
aleyda
1
1.2k
Effective software design: The role of men in debugging patriarchy in IT @ Voxxed Days AMS
baasie
0
340
End of SEO as We Know It (SMX Advanced Version)
ipullrank
3
4.2k
Statistics for Hackers
jakevdp
799
230k
The SEO identity crisis: Don't let AI make you average
varn
0
460
Beyond borders and beyond the search box: How to win the global "messy middle" with AI-driven SEO
davidcarrasco
3
130
技術選定の審美眼(2025年版) / Understanding the Spiral of Technologies 2025 edition
twada
PRO
118
110k
Why Your Marketing Sucks and What You Can Do About It - Sophie Logan
marketingsoph
0
140
The Curious Case for Waylosing
cassininazir
0
340
Darren the Foodie - Storyboard
khoart
PRO
3
3.3k
Getting science done with accelerated Python computing platforms
jacobtomlinson
2
190
The untapped power of vector embeddings
frankvandijk
2
1.7k
Transcript
DevSecOps Best Practices: Secure Everything You Have April 20, 2024
Sena Yakut
About me! DevSecOps Best Practices: Secure Everything You Have Sena
Yakut Senior Cloud Security Engineer senayakut.com sena_yakutt sena-yakut Lyrebird Studio
Agenda My Recommendations What, Why and How? Secure in Every
Step
We don't live in a perfect world. Even the smallest
thing you do is worth its weight in gold.
We need lots of people to do all of these.
Do whatever you can.
We do not focus on tools. You can choose whatever
you want. Your architecture, Your team, Your budget
Plan - Threat modeling, - Secure code standards, - IDE
plugins
Plan You can read my blog: Use Amazon CodeWhisperer for
Your AWS Security
Code - Static Application Security Testing (SAST), - Software Composition
Analysis, - Supply Chain Attacks, - Secure Pipelines, - Secret Scanning
Code Static Application Security Testing (SAST)
Code Software Composition Analysis
Code Software Composition Analysis
Code Secret Scanning
Build and Test - Dynamic Application Security Testing (DAST): Mobile
apps, web apps - Cloud Configuration Checks, - Vulnerability Management, - Penetration Testing, - API Testing
Build and Test
Build and Test
Release and Deploy -Access management -Live site pentesting -Configuration checks
Operate and Monitor - Alerts and Monitoring, - Threat Intelligence,
- Log Analysis, - Asset Inventory and Monitoring
Operate and Monitor
Operate and Monitor
Cultural Aspect -Automation alone will not solve the problems. -Encourage
your security mindset. -Avoid the blame game. -Build relationships with teams, don’t isolate.
DevSecOps Best Practices: Secure Everything You Have Sena Yakut Senior
Cloud Security Engineer senayakut.com sena_yakutt sena-yakut Lyrebird Studio
senayakut
aleyda
baasie
ipullrank
jakevdp
varn
davidcarrasco
twada
marketingsoph
cassininazir
khoart
jacobtomlinson
frankvandijk
