From f2ac654522d5e4b3d911a2ba30c227d7d150a17c Mon Sep 17 00:00:00 2001
From: Omar Santos <santosomar@gmail.com>
Date: Sun, 20 Aug 2023 17:00:04 -0400
Subject: [PATCH] Create building_devsecops_pipelines.md

---
 devsecops/building_devsecops_pipelines.md | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 devsecops/building_devsecops_pipelines.md

diff --git a/devsecops/building_devsecops_pipelines.md b/devsecops/building_devsecops_pipelines.md
new file mode 100644
index 0000000..d9773b8
--- /dev/null
+++ b/devsecops/building_devsecops_pipelines.md
@@ -0,0 +1,21 @@
+# Building DevSecOps Pipelines
+
+## 1. **Integration of Security into DevOps**
+   - **Collaboration**: Foster collaboration between development, security, and operations teams.
+   - **Security as Code**: Define security policies and procedures as code to ensure consistency and automation.
+
+## 2. **Continuous Integration and Continuous Deployment (CI/CD) with Security**
+   - **Automated Testing**: Implement automated security testing within CI/CD pipelines.
+   - **Secure Artifact Management**: Ensure that build artifacts are securely handled and stored.
+
+## 3. **Security Automation Tools**
+   - **Security Scanners**: Utilize tools like SAST and DAST for automated vulnerability scanning.
+   - **Configuration Management**: Use tools like Ansible or Puppet to ensure secure configurations.
+
+## 4. **Monitoring and Incident Response**
+   - **Real-time Monitoring**: Implement monitoring solutions to detect security incidents.
+   - **Automated Response**: Create automated response procedures for common security events.
+
+## 5. **Continuous Improvement**
+   - **Feedback Loops**: Establish feedback mechanisms to continuously improve security practices.
+   - **Security Metrics**: Track and analyze security metrics to gauge effectiveness.