Skip to content

SvetlomirBalevski/workshop

BranchesTags

Repository files navigation

How to Automate Application Security - the DevSecOps way

This repo contains the material for the How to Automate Application Security - the DevSecOps way workshop.

What is DevSecOps?

First of all - a methodology.

DevSecOps—short for development, security, and operations—automates the integration of security at every phase of the software development lifecycle, from initial design through integration, testing, deployment, and software delivery.

IBM

DevSecOps stands for development, security, and operations. It's an approach to culture, automation, and platform design that integrates security as a shared responsibility throughout the entire IT lifecycle.

RedHat

DevSecOps (short for development, security, and operations) is a development practice that integrates security initiatives at every stage of the software development lifecycle to deliver robust and secure applications.

VMware

Agenda

0. Install Jenkins

Installation of Jenkins can be done in a lot of places. We would have 2 possibilities - install in AWS via Terraform or install locally in a docker conatiner. Installation of Jenkins in AWS will lead to adidtional charges. Free tier machines are not enough for running Jenkins

1. Pull and Test

2. Static Application Security Testing

3. Software Composition Analysis

4. Build

5. Container Build and Push

6. Container Image Scan

7. Deploy

8. Dynamic Application Security Testing

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages