Mirrors/h4cker
2
0
Fork 0
mirror of https://github.com/The-Art-of-Hacking/h4cker synced 2024-11-10 05:34:12 +00:00
Code Issues Projects Releases Packages Wiki Activity

Create building_devsecops_pipelines.md

Browse source
This commit is contained in:
Omar Santos 2023-08-20 17:00:04 -04:00 committed by GitHub
parent 25717bca64
commit f2ac654522
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 21 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
devsecops/building_devsecops_pipelines.md Normal file
View file

@ -0,0 +1,21 @@
# Building DevSecOps Pipelines
## 1. **Integration of Security into DevOps**
- **Collaboration**: Foster collaboration between development, security, and operations teams.
- **Security as Code**: Define security policies and procedures as code to ensure consistency and automation.
## 2. **Continuous Integration and Continuous Deployment (CI/CD) with Security**
- **Automated Testing**: Implement automated security testing within CI/CD pipelines.
- **Secure Artifact Management**: Ensure that build artifacts are securely handled and stored.
## 3. **Security Automation Tools**
- **Security Scanners**: Utilize tools like SAST and DAST for automated vulnerability scanning.
- **Configuration Management**: Use tools like Ansible or Puppet to ensure secure configurations.
## 4. **Monitoring and Incident Response**
- **Real-time Monitoring**: Implement monitoring solutions to detect security incidents.
- **Automated Response**: Create automated response procedures for common security events.
## 5. **Continuous Improvement**
- **Feedback Loops**: Establish feedback mechanisms to continuously improve security practices.
- **Security Metrics**: Track and analyze security metrics to gauge effectiveness.