ІЛЛЯ ЛУБЕНЕЦЬ «DevSecOps наступний етап розвитку DevOps» GO DevOps
0 likes73 views
The document emphasizes the importance of security in the face of increasing cyber attacks, with statistics highlighting the average cost of data breaches and the vulnerability of small businesses and healthcare providers. It discusses DevSecOps as a collaborative approach to integrate security into development processes, outlining key practices such as code scanning and threat modeling. A variety of security tools and technologies are mentioned to support these practices, along with the need for proper security measures.
ІЛЛЯ ЛУБЕНЕЦЬ «DevSecOps наступний етап розвитку DevOps» GO DevOps
- 4. Security is important • Average data breach cost – 4$ millions • Attacks rose in 2020 – 600% • Ukraine government is on 5th place of target attacks • 70% of small business can’t deal with cyber attack • 16% of healthcare providers are ready to prevent attack
- 5. DevSecOps
- 6. DevSecOps • Collective Responsibility • Collaboration and Integration • Pragmatic Implementation • Bridging Compliance and Development • Automation • Measure, Monitor, Report and Action
- 8. Tooling
- 9. Github security tooling • Code scanning • Dependabot • Vulnerability management
- 10. Code scaning • SonarQube • WhiteSource • Github • Code scanning • Dependabot • Vulnerability management • Coverity • BlackDuck
- 11. Threat modeling • Microsoft Threat Modeling Tool • Threat Modeler • Threat Dragon
- 12. Dynamic Application Security Testing • Checkmarx • Fortify • ZAP
- 13. Infrastructure security tools • Nessus • Azure Security Center • AWS Cloud Security
- 14. Conclusion
- 15. Security should be proper
- 16. Illia Lubenets • Solution architect • Microsoft Azure MVP • https://twitter.com/L0ndra_ • https://t.me/procrastinationselfflagellation