SlideShare ist ein Scribd-Unternehmen logo

Enabling multicloud in the enterprise with DevSecOps

J
Josh Boyd

Core federal agencies are using multiple cloud providers to avoid vendor lock-in and optimize their workloads' infrastructure. Taking advantage of each cloud provider's strengths comes with some challenges: multicloud security and compliance, inventory tracking, resource utilization, and software delivery automation. In this session, you'll see how Red Hat CloudForms and Red Hat OpenShift Container Platform, paired with Booz Allen’s Solutions Delivery Platform, addresses these challenges and brings governance to your DevOps pipeline and multicloud environment.

Technologie
1 von 18
Downloaden Sie, um offline zu lesen
ENABLING MULTICLOUD IN THE ENTERPRISE WITH DEVSECOPSJosh Boyd, Booz Allen Hamilton Steven Terrana, Booz Allen Hamilton MAY 2019
Why are organizations embracing DevSecOps? Organizations embrace DevSecOps to continuously deliver high-quality and reliable software to their users. • Culture and teamwork evolves with the intent to build better quality software faster • High-performing teams are needed to maintain balance in the opposing forces of throughput and stability, while both are amplified • DevSecOps realizes the Agile benefits of reducing risk, increasing velocity, and improving quality, but scaled beyond the development lifecycle to the product lifecycle. It increases resiliency, reduces unplanned downtime, and provides production metrics to close the feedback loop to adapt to users and fix software hastily. What is DevSecOps? Encouraging behaviors and designing processes to optimize coordination of software development and IT operations teams. • Emphasis of a team-culture change is greater than that of any particular tool or framework • New approaches amplify teamwork to yield a high-rate of delivery of small-scoped features • Practicing new activities or performing them in new ways to eliminate waste DEVSECOPS IS AT THE HEART FOR ENABLING HIGH-PERFORMING IT TEAMS
TRUSTED SOFTWARE SUPPLY CHAIN BOOZ ALLEN DEVSECOPS PUTS THE SECURITY IN DEVOPS 2 • Shift-left many security and compliance activities as a shared responsibility of the whole team • Educate and automate security vigilance to establish early detection, confidence, and trust required for Continuous Delivery • Perform vulnerability and compliance inspection of dependencies, code, container images, and running applications ACCESSIBILITY ASSURANCE Crawl web pages for compliance with section 508 standards to give developers early warning and opportunity to improve the site while accelerating manual 508 testing. STATIC CODE ANALYSIS Analyze the code written by developers for inadvertent technical and logical flaws that make it vulnerable. CONTINUOUS COMPLIANCE Routinely scan the configuration of hosts or containers in their packaged image state or at runtime for compliance with security policy groups (NIST, CIS, FISMA, STIG, etc.), for required patches, or for configuration drift. DEPENDENCIES Prevent introduction of vulnerabilities from the outside. Scan libraries in dependency repos, source code repos, and on disk for known vulnerabilities. IMAGE SCANNING Unpack and scan dependencies and configuration of the image to be used at runtime for vulnerabilities, out-of-date patching, and to ensure a trusted pedigree. DYNAMIC APPLICATION SECURITY TESTING Perform automated penetration testing to see how your application will withstand common attacks at runtime. CONTINUOUS SECURITY & COMPLIANCE IS PERVASIVE IN OUR DEVOPS APPROACH. IT CROSS-CUTS EVERY PRACTICE AREA Security and compliance are indicative of the same software delivery sins that spawned the DevOps movement. Work piles up because it is tedious, foreign, or difficult. Security pros are alienated and left to burn down the pile in isolation, as an afterthought. True concerns then become hugely disruptive, which breeds further discontent within the team. AS WITH QUALITY ASSURANCE, SECURITY ASSURANCE AND COMPLIANCE CAN BE INTEGRATED INTO YOUR SOFTWARE DEVELOPMENT LIFECYCLE
Booz Allen Capabilities: • Solutions Delivery Platform – Booz Allen’s open source enterprise DevSecOps capability at scale • Virtual Cloud Defense (VCD) – Booz Allen’s capability for a common security framework across cloud service providers • Multi-Cloud – Booz Allen’s capability for achieving various levels of maturity Featured Concepts: • Multi-Region Databases • SDN Supported Network Partitioning • Accelerated Application Accreditation & ATO Multi-Cloud Capabilities: Centralized Management / Orchestration • Ability to manage provisioning, enforce policy and chargeback across multiple cloud service providers. • Scaling within cloud based on performance demands and resource limits Workload Optimization • Position applications within CSP providing necessary services Disaster Recovery / COOP • Application Replication and Data Synchronization across cloud services providers, Traffic Routing / Failover in the event of outage. High Availability (Active / Active) • Ability to simultaneously operate common application payloads across multiple cloud services providers • Multi-Cloud Data Persistence, Intelligent Traffic Load Balancing • Scaling across cloud service providers/CSP regions WHAT DOES MULTI-CLOUD MEAN TO US 3
MULTI-CLOUD/MULTI-TENANT LOGICAL ARCHITECTURE
MULTI CLOUD NETWORK TOPOLOGY • This used to be a lot harder before November: • And then you had to configure high availability VPNs in your hubs, now you can do this purely with AWS and Azure provided services. • AWS Transit Gateway was created to connect VPCs and on-prem networks with a single gateway, but it works great to connect to other CSPs too! 5
MULTI CLOUD PROVISIONING DEMO 6Booz Allen Hamilton Internal
Security Profile Compliance THE DEVSECOPS PIPELINE IS A TRUSTED SOFTWARE SUPPLY CHAIN 8Booz Allen Hamilton Internal ENVIRONMENT PROMOTION Production Readiness / Maturity Select Story for Development Pull source code from SCM repo Unit Test Code Coverage Build Container Image CVEs Tag Image with Git SHA Publish Image Static Code Analysis Functional Testing Regression Testing Integration Testing Download Build Dependencies Generate BOM Sign Image Development Test / QA Staging Production Load Testing Soak Testing Validate Image Signature Validate Runtime Configs Validate Image Signature Validate Runtime Configs Validate Image Signature Validate Runtime Configs Log Aggregation Resource Utilization Continuous Runtime Security Scan Build Dependencies Accessibility Compliance Scan Penetration Testing ACAS & HBSS Scan Fuzzing DEPLOY TO PRODUCTION MONITORSYSTEM TESTINGDEPLOY TO STAGINGSYSTEM TESTINGDEPLOY TO TESTPUBLISH ARTIFACTSCAN ARTIFACTBUILD ARTIFACTTESTPLAN & DEVELOP Scan Image
THE SOLUTIONS DELIVERY PLATFORM (SDP) IS THE PURPOSE-BUILT SOLUTION THAT ENABLES OUR PHILOSOPHY AND PUTS PROCESSES AND PRACTICES INTO ACTION 9Booz Allen Hamilton Internal BENEFITS • End-to-end traceability of delivery • Real-time status at a glance • Single view of multiple apps/ components and teams • High-fidelity drill-down to activity-specific metrics • Automate delivery, and assurance of security & quality • Enable secure, on-demand flow of new features • Continuous, quantitative, and actionable feedback • Shifting-left security and streamlining activities mitigates risk by avoiding big and long releases • Productivity increase with self-service, homogenous IT • Scalable, resilient backbone • Environment parity • Improved resource utilization DevSecOps Dashboard Aggregate metrics for actionable insights to achieve continuous learning Pipeline Libraries Automated provenance with a trusted supply chain to production Jenkins Templating Engine Standardize your organization’s continuous delivery Secure Pipeline Framework Container Orchestration Platform Host the tooling in an elastic, portable environment REFERENCE MODEL FOR THE SOLUTIONS DELIVERY PLATFORM Continuous & Automated Security and Compliance Feature Feature Feature FeatureFeature
SOLIDIFYING THE BASE: RED HAT UNIVERSAL BASE IMAGE (UBI) UBI Attributes - Subset of RHEL content - Redistributable - Base and RHSCL images - Enabled yum repos - Microdnf - Supported - Cataloged - Updated - Tracked - Reusable Two Talks on UBI This Week - Choosing the right container base image for your application, Today, 1:30-2:15pm - Building production-ready containers, Wednesday, 3:30-4:15pm 10Booz Allen Hamilton Internal ü Jenkins ü SonarQube ü OWASP ZAP ü Nexus ü Helm ü The A11y Machine ü Twistlock ü OpenSCAP DevSecOps Platform Images
SOLIDIFYING THE BASE: RED HAT UNIVERSAL BASE IMAGE (UBI) 11Booz Allen Hamilton Internal Red Hat’s Universal Base Image adds a new layer of control inheritance when building security hardened PaaS Solutions ENTERPRISE INFRASTRUCTURE PLATFORM UBI APP UBI Attributes - Subset of RHEL content - Redistributable - Base and RHSCL images - Enabled yum repos - Microdnf Two Talks on UBI This Week Choosing the right container base image for your application, Today, 1:30-2:15pm Building production-ready containers, Wednesday, 3:30-4:15pm - Supported - Cataloged - Updated - Tracked - Reusable
THE SDP BUILDS TRUSTED SOFTWARE SUPPLY CHAINS 12Booz Allen Hamilton Internal The Solutions Delivery Platform allows you to build tool-agnostic, templated workflows to integrate security into every step of your software delivery lifecycle A containerized DevSecOps Platform, SDP leverages Red Hat’s Universal Base Image – meaning out-of-the-box security compliance within your organization Instead of building a pipeline per application – SDP lets you define the organizational quality and security gates that must be passed while affording teams the flexibility to choose the right tools for the job Leverage the same DevSecOps pipeline regardless of which cloud environment your application is targeting
BOOZ ALLEN’S SOLUTIONS DELIVERY PLATFORM 13Booz Allen Hamilton Internal APPLY ORGANIZATIONAL GOVERNANCE Standardize software delivery processes OPTIMIZE CODE REUSE Crowd source quality through common open source libraries SIMPLIFY PIPELINE MAINTAINABILITY Manage templates over application specific pipelines
DEMO LET’S SEE IT IN ACTION 14
OPEN SOURCE COMMUNITY 16Booz Allen Hamilton Internal The Solutions Delivery Platform components are open sourced under the Booz Allen Public License. Jenkins Templating Engine: https://github.com/boozallen/jenkins-templating-engine.git *Licensed under Apache 2.0 and released to the Jenkins Update Center https://gitter.im/jenkinsci/templating-engine-plugin SDP Pipeline Libraries: https://github.com/boozallen/sdp-libraries.git *Licensed under the Booz Allen Public License: http://boozallen.github.io/licenses/bapl Documentation: https://boozallen.github.io/sdp-docs/ Jenkins Pipeline Authoring SIG: https://jenkins.io/sigs/pipeline-authoring/ Jenkins World 2018: https://www.youtube.com/watch?v=BM9Vmsh2iMI
LEARN MORE ABOUT US Josh Boyd @joshboyd boyd_joshua@bah.com Steven Terrana @steven_terrana terrana_steven@bah.com https://gitter.im/jenkinsci/templating-engine-plugin https://boozallen.github.io/sdp-docs/ devsecops@bah.com https://boozallen.com/apply

Empfohlen

Digital Disruption with DevOps - Reference Architecture Overview
Digital Disruption with DevOps - Reference Architecture OverviewDigital Disruption with DevOps - Reference Architecture Overview
Digital Disruption with DevOps - Reference Architecture Overview
IBM UrbanCode Products
 
Managing IT environment complexity in a Multi-Cloud World
Managing IT environment complexity in a Multi-Cloud WorldManaging IT environment complexity in a Multi-Cloud World
Managing IT environment complexity in a Multi-Cloud World
Shashi Kiran
 
Enabling DevOps in the cloud - Federal Cloud Innovation Center
Enabling DevOps in the cloud - Federal Cloud Innovation CenterEnabling DevOps in the cloud - Federal Cloud Innovation Center
Enabling DevOps in the cloud - Federal Cloud Innovation Center
Sanjeev Sharma
 
DevOps for Mainframe for IBM Pulse Conference
DevOps for Mainframe for IBM Pulse ConferenceDevOps for Mainframe for IBM Pulse Conference
DevOps for Mainframe for IBM Pulse Conference
Rosalind Radcliffe
 
XebiaLabs, CloudBees, Puppet Labs Webinar Slides - IT Automation for the Mode...
XebiaLabs, CloudBees, Puppet Labs Webinar Slides - IT Automation for the Mode...XebiaLabs, CloudBees, Puppet Labs Webinar Slides - IT Automation for the Mode...
XebiaLabs, CloudBees, Puppet Labs Webinar Slides - IT Automation for the Mode...
XebiaLabs
 
From Apollo 13 to Google SRE
From Apollo 13 to Google SREFrom Apollo 13 to Google SRE
From Apollo 13 to Google SRE
Sanjeev Sharma
 
Continuous Delivery to the cloud - Innovate 2014
Continuous Delivery to the cloud - Innovate 2014Continuous Delivery to the cloud - Innovate 2014
Continuous Delivery to the cloud - Innovate 2014
Sanjeev Sharma
 
DevOps in the Hybrid Cloud
DevOps in the Hybrid CloudDevOps in the Hybrid Cloud
DevOps in the Hybrid Cloud
Richard Irving
 

Empfohlen

Digital Disruption with DevOps - Reference Architecture Overview
Digital Disruption with DevOps - Reference Architecture OverviewDigital Disruption with DevOps - Reference Architecture Overview
Digital Disruption with DevOps - Reference Architecture Overview
IBM UrbanCode Products
 
Managing IT environment complexity in a Multi-Cloud World
Managing IT environment complexity in a Multi-Cloud WorldManaging IT environment complexity in a Multi-Cloud World
Managing IT environment complexity in a Multi-Cloud World
Shashi Kiran
 
Enabling DevOps in the cloud - Federal Cloud Innovation Center
Enabling DevOps in the cloud - Federal Cloud Innovation CenterEnabling DevOps in the cloud - Federal Cloud Innovation Center
Enabling DevOps in the cloud - Federal Cloud Innovation Center
Sanjeev Sharma
 
DevOps for Mainframe for IBM Pulse Conference
DevOps for Mainframe for IBM Pulse ConferenceDevOps for Mainframe for IBM Pulse Conference
DevOps for Mainframe for IBM Pulse Conference
Rosalind Radcliffe
 
XebiaLabs, CloudBees, Puppet Labs Webinar Slides - IT Automation for the Mode...
XebiaLabs, CloudBees, Puppet Labs Webinar Slides - IT Automation for the Mode...XebiaLabs, CloudBees, Puppet Labs Webinar Slides - IT Automation for the Mode...
XebiaLabs, CloudBees, Puppet Labs Webinar Slides - IT Automation for the Mode...
XebiaLabs
 
From Apollo 13 to Google SRE
From Apollo 13 to Google SREFrom Apollo 13 to Google SRE
From Apollo 13 to Google SRE
Sanjeev Sharma
 
Continuous Delivery to the cloud - Innovate 2014
Continuous Delivery to the cloud - Innovate 2014Continuous Delivery to the cloud - Innovate 2014
Continuous Delivery to the cloud - Innovate 2014
Sanjeev Sharma
 
DevOps in the Hybrid Cloud
DevOps in the Hybrid CloudDevOps in the Hybrid Cloud
DevOps in the Hybrid Cloud
Richard Irving
 
Deployment Automation for Hybrid Cloud and Multi-Platform Environments
Deployment Automation for Hybrid Cloud and Multi-Platform EnvironmentsDeployment Automation for Hybrid Cloud and Multi-Platform Environments
Deployment Automation for Hybrid Cloud and Multi-Platform Environments
IBM UrbanCode Products
 
Dev ops for mainframe innovate session 2402
Dev ops for mainframe innovate session 2402Dev ops for mainframe innovate session 2402
Dev ops for mainframe innovate session 2402
Rosalind Radcliffe
 
Shift Happens - Rapidly Rolling Forward During Production Failure
Shift Happens - Rapidly Rolling Forward During Production FailureShift Happens - Rapidly Rolling Forward During Production Failure
Shift Happens - Rapidly Rolling Forward During Production Failure
IBM UrbanCode Products
 
Cloud With DevOps Enabling Rapid Business Development
Cloud With DevOps Enabling Rapid Business DevelopmentCloud With DevOps Enabling Rapid Business Development
Cloud With DevOps Enabling Rapid Business Development
Sam Garforth
 
Cloud, agile
Cloud, agileCloud, agile
Cloud, agile
Prasad Prabhakaran
 
Using Blueprints to Overcome Multi-speed IT Challenges
Using Blueprints to Overcome Multi-speed IT ChallengesUsing Blueprints to Overcome Multi-speed IT Challenges
Using Blueprints to Overcome Multi-speed IT Challenges
IBM UrbanCode Products
 
Ibm innovate ci for system z
Ibm innovate ci for system zIbm innovate ci for system z
Ibm innovate ci for system z
Rosalind Radcliffe
 
The Future of DevOps and UrbanCode
The Future of DevOps and UrbanCodeThe Future of DevOps and UrbanCode
The Future of DevOps and UrbanCode
IBM UrbanCode Products
 
Mobile to Mainframe - the Challenges of Enterprise DevOps Adoption
Mobile to Mainframe - the Challenges of Enterprise DevOps AdoptionMobile to Mainframe - the Challenges of Enterprise DevOps Adoption
Mobile to Mainframe - the Challenges of Enterprise DevOps Adoption
Sanjeev Sharma
 
Cloud and agile software projects: Overview and Benefits
Cloud and agile software projects: Overview and BenefitsCloud and agile software projects: Overview and Benefits
Cloud and agile software projects: Overview and Benefits
Guillaume Berche
 
IBM Innovate 2013 Session: DevOps 101
IBM Innovate 2013 Session: DevOps 101IBM Innovate 2013 Session: DevOps 101
IBM Innovate 2013 Session: DevOps 101
Sanjeev Sharma
 
Applying DevOps, PaaS and cloud for better citizen service outcomes - IBM Fe...
Applying DevOps, PaaS and cloud for better citizen service outcomes - IBM Fe...Applying DevOps, PaaS and cloud for better citizen service outcomes - IBM Fe...
Applying DevOps, PaaS and cloud for better citizen service outcomes - IBM Fe...
Sanjeev Sharma
 
DevOps For Everyone: Bringing DevOps Success to Every App and Every Role in y...
DevOps For Everyone: Bringing DevOps Success to Every App and Every Role in y...DevOps For Everyone: Bringing DevOps Success to Every App and Every Role in y...
DevOps For Everyone: Bringing DevOps Success to Every App and Every Role in y...
Siva Rama Krishna Chunduru
 
Using Lean Thinking to identify and address Delivery Pipeline bottlenecks
Using Lean Thinking to identify and address Delivery Pipeline bottlenecksUsing Lean Thinking to identify and address Delivery Pipeline bottlenecks
Using Lean Thinking to identify and address Delivery Pipeline bottlenecks
Sanjeev Sharma
 
How NBCUniversal Adopted DevOps
How NBCUniversal Adopted DevOpsHow NBCUniversal Adopted DevOps
How NBCUniversal Adopted DevOps
Sanjeev Sharma
 
Continuous Delivery for cloud - scenarios and scope
Continuous Delivery for cloud - scenarios and scopeContinuous Delivery for cloud - scenarios and scope
Continuous Delivery for cloud - scenarios and scope
Sanjeev Sharma
 
Continuous Application Delivery to WebSphere - Featuring IBM UrbanCode
Continuous Application Delivery to WebSphere - Featuring IBM UrbanCodeContinuous Application Delivery to WebSphere - Featuring IBM UrbanCode
Continuous Application Delivery to WebSphere - Featuring IBM UrbanCode
IBM UrbanCode Products
 
RDz for DevOps Webcast Series: Implementing Continuous Integration with RDz
RDz for DevOps Webcast Series: Implementing Continuous Integration with RDzRDz for DevOps Webcast Series: Implementing Continuous Integration with RDz
RDz for DevOps Webcast Series: Implementing Continuous Integration with RDz
Susan Yoskin
 
PureApplication: Devops and Urbancode
PureApplication: Devops and UrbancodePureApplication: Devops and Urbancode
PureApplication: Devops and Urbancode
John Hawkins
 
Improving Software Delivery with DevOps & Software Defined Environments
Improving Software Delivery with DevOps & Software Defined EnvironmentsImproving Software Delivery with DevOps & Software Defined Environments
Improving Software Delivery with DevOps & Software Defined Environments
Michael Elder
 
What is DevOps?
What is DevOps?What is DevOps?
What is DevOps?
Mesut Güneş
 
Testing in the new age of DevOps
Testing in the new age of DevOpsTesting in the new age of DevOps
Testing in the new age of DevOps
Moataz Mahmoud
 

Weitere ähnliche Inhalte

Was ist angesagt?

Dev ops for mainframe innovate session 2402
Dev ops for mainframe innovate session 2402Dev ops for mainframe innovate session 2402
Dev ops for mainframe innovate session 2402
Rosalind Radcliffe
 
Mobile to Mainframe - the Challenges of Enterprise DevOps Adoption
Mobile to Mainframe - the Challenges of Enterprise DevOps AdoptionMobile to Mainframe - the Challenges of Enterprise DevOps Adoption
Mobile to Mainframe - the Challenges of Enterprise DevOps Adoption
Sanjeev Sharma
 
IBM Innovate 2013 Session: DevOps 101
IBM Innovate 2013 Session: DevOps 101IBM Innovate 2013 Session: DevOps 101
IBM Innovate 2013 Session: DevOps 101
Sanjeev Sharma
 
RDz for DevOps Webcast Series: Implementing Continuous Integration with RDz
RDz for DevOps Webcast Series: Implementing Continuous Integration with RDzRDz for DevOps Webcast Series: Implementing Continuous Integration with RDz
RDz for DevOps Webcast Series: Implementing Continuous Integration with RDz
Susan Yoskin
 

Was ist angesagt? (20)

Deployment Automation for Hybrid Cloud and Multi-Platform Environments
Deployment Automation for Hybrid Cloud and Multi-Platform EnvironmentsDeployment Automation for Hybrid Cloud and Multi-Platform Environments
Deployment Automation for Hybrid Cloud and Multi-Platform Environments
 
Dev ops for mainframe innovate session 2402
Dev ops for mainframe innovate session 2402Dev ops for mainframe innovate session 2402
Dev ops for mainframe innovate session 2402
 
Shift Happens - Rapidly Rolling Forward During Production Failure
Shift Happens - Rapidly Rolling Forward During Production FailureShift Happens - Rapidly Rolling Forward During Production Failure
Shift Happens - Rapidly Rolling Forward During Production Failure
 
Cloud With DevOps Enabling Rapid Business Development
Cloud With DevOps Enabling Rapid Business DevelopmentCloud With DevOps Enabling Rapid Business Development
Cloud With DevOps Enabling Rapid Business Development
 
Cloud, agile
Cloud, agileCloud, agile
Cloud, agile
 
Using Blueprints to Overcome Multi-speed IT Challenges
Using Blueprints to Overcome Multi-speed IT ChallengesUsing Blueprints to Overcome Multi-speed IT Challenges
Using Blueprints to Overcome Multi-speed IT Challenges
 
Ibm innovate ci for system z
Ibm innovate ci for system zIbm innovate ci for system z
Ibm innovate ci for system z
 
The Future of DevOps and UrbanCode
The Future of DevOps and UrbanCodeThe Future of DevOps and UrbanCode
The Future of DevOps and UrbanCode
 
Mobile to Mainframe - the Challenges of Enterprise DevOps Adoption
Mobile to Mainframe - the Challenges of Enterprise DevOps AdoptionMobile to Mainframe - the Challenges of Enterprise DevOps Adoption
Mobile to Mainframe - the Challenges of Enterprise DevOps Adoption
 
Cloud and agile software projects: Overview and Benefits
Cloud and agile software projects: Overview and BenefitsCloud and agile software projects: Overview and Benefits
Cloud and agile software projects: Overview and Benefits
 
IBM Innovate 2013 Session: DevOps 101
IBM Innovate 2013 Session: DevOps 101IBM Innovate 2013 Session: DevOps 101
IBM Innovate 2013 Session: DevOps 101
 
Applying DevOps, PaaS and cloud for better citizen service outcomes - IBM Fe...
Applying DevOps, PaaS and cloud for better citizen service outcomes - IBM Fe...Applying DevOps, PaaS and cloud for better citizen service outcomes - IBM Fe...
Applying DevOps, PaaS and cloud for better citizen service outcomes - IBM Fe...
 
DevOps For Everyone: Bringing DevOps Success to Every App and Every Role in y...
DevOps For Everyone: Bringing DevOps Success to Every App and Every Role in y...DevOps For Everyone: Bringing DevOps Success to Every App and Every Role in y...
DevOps For Everyone: Bringing DevOps Success to Every App and Every Role in y...
 
Using Lean Thinking to identify and address Delivery Pipeline bottlenecks
Using Lean Thinking to identify and address Delivery Pipeline bottlenecksUsing Lean Thinking to identify and address Delivery Pipeline bottlenecks
Using Lean Thinking to identify and address Delivery Pipeline bottlenecks
 
How NBCUniversal Adopted DevOps
How NBCUniversal Adopted DevOpsHow NBCUniversal Adopted DevOps
How NBCUniversal Adopted DevOps
 
Continuous Delivery for cloud - scenarios and scope
Continuous Delivery for cloud - scenarios and scopeContinuous Delivery for cloud - scenarios and scope
Continuous Delivery for cloud - scenarios and scope
 
Continuous Application Delivery to WebSphere - Featuring IBM UrbanCode
Continuous Application Delivery to WebSphere - Featuring IBM UrbanCodeContinuous Application Delivery to WebSphere - Featuring IBM UrbanCode
Continuous Application Delivery to WebSphere - Featuring IBM UrbanCode
 
RDz for DevOps Webcast Series: Implementing Continuous Integration with RDz
RDz for DevOps Webcast Series: Implementing Continuous Integration with RDzRDz for DevOps Webcast Series: Implementing Continuous Integration with RDz
RDz for DevOps Webcast Series: Implementing Continuous Integration with RDz
 
PureApplication: Devops and Urbancode
PureApplication: Devops and UrbancodePureApplication: Devops and Urbancode
PureApplication: Devops and Urbancode
 
Improving Software Delivery with DevOps & Software Defined Environments
Improving Software Delivery with DevOps & Software Defined EnvironmentsImproving Software Delivery with DevOps & Software Defined Environments
Improving Software Delivery with DevOps & Software Defined Environments
 

Ähnlich wie Enabling multicloud in the enterprise with DevSecOps

DevSecOps on Azure
DevSecOps on AzureDevSecOps on Azure
DevSecOps on Azure
Seven Peaks Speaks
 
ClearScale: Continuous Automation with Docker on AWS
ClearScale: Continuous Automation with Docker on AWSClearScale: Continuous Automation with Docker on AWS
ClearScale: Continuous Automation with Docker on AWS
Amazon Web Services
 
Combining Cloud Native & PaaS: Building a Fully Managed Application Platform ...
Combining Cloud Native & PaaS: Building a Fully Managed Application Platform ...Combining Cloud Native & PaaS: Building a Fully Managed Application Platform ...
Combining Cloud Native & PaaS: Building a Fully Managed Application Platform ...
DigitalOcean
 
John N. Lewis - Resume - Public
John N. Lewis - Resume - Public John N. Lewis - Resume - Public
John N. Lewis - Resume - Public
John N. Lewis
 

Ähnlich wie Enabling multicloud in the enterprise with DevSecOps (20)

What is DevOps?
What is DevOps?What is DevOps?
What is DevOps?
 
Testing in the new age of DevOps
Testing in the new age of DevOpsTesting in the new age of DevOps
Testing in the new age of DevOps
 
DevSecOps on Azure
DevSecOps on AzureDevSecOps on Azure
DevSecOps on Azure
 
A DevOps adoption playbook- achieving business value at scale
A DevOps adoption playbook- achieving business value at scaleA DevOps adoption playbook- achieving business value at scale
A DevOps adoption playbook- achieving business value at scale
 
ClearScale: Continuous Automation with Docker on AWS
ClearScale: Continuous Automation with Docker on AWSClearScale: Continuous Automation with Docker on AWS
ClearScale: Continuous Automation with Docker on AWS
 
Customer Sharing: Trend Micro - Trend Micro's DevOps Practices
Customer Sharing: Trend Micro - Trend Micro's DevOps Practices Customer Sharing: Trend Micro - Trend Micro's DevOps Practices
Customer Sharing: Trend Micro - Trend Micro's DevOps Practices
 
Fast, Secure Deployments with Docker on AWS
Fast, Secure Deployments with Docker on AWSFast, Secure Deployments with Docker on AWS
Fast, Secure Deployments with Docker on AWS
 
Devops phase-1
Devops phase-1Devops phase-1
Devops phase-1
 
AWS Partner: Grindr: Aggregate, Analyze, and Act on 900M Daily API Calls
AWS Partner: Grindr: Aggregate, Analyze, and Act on 900M Daily API CallsAWS Partner: Grindr: Aggregate, Analyze, and Act on 900M Daily API Calls
AWS Partner: Grindr: Aggregate, Analyze, and Act on 900M Daily API Calls
 
(ENT211) Migrating the US Government to the Cloud | AWS re:Invent 2014
(ENT211) Migrating the US Government to the Cloud | AWS re:Invent 2014(ENT211) Migrating the US Government to the Cloud | AWS re:Invent 2014
(ENT211) Migrating the US Government to the Cloud | AWS re:Invent 2014
 
Successful Practices for Continuous Delivery CodeCPH
Successful Practices for Continuous Delivery CodeCPHSuccessful Practices for Continuous Delivery CodeCPH
Successful Practices for Continuous Delivery CodeCPH
 
REAN Cloud DevOps Accelerators
REAN Cloud DevOps AcceleratorsREAN Cloud DevOps Accelerators
REAN Cloud DevOps Accelerators
 
Combining Cloud Native & PaaS: Building a Fully Managed Application Platform ...
Combining Cloud Native & PaaS: Building a Fully Managed Application Platform ...Combining Cloud Native & PaaS: Building a Fully Managed Application Platform ...
Combining Cloud Native & PaaS: Building a Fully Managed Application Platform ...
 
Azure App Modernization
Azure App ModernizationAzure App Modernization
Azure App Modernization
 
Technology insights: Decision Science Platform
Technology insights: Decision Science PlatformTechnology insights: Decision Science Platform
Technology insights: Decision Science Platform
 
Top devops solution providers
Top devops solution providersTop devops solution providers
Top devops solution providers
 
Agile and continuous delivery – How IBM Watson Workspace is built
Agile and continuous delivery – How IBM Watson Workspace is builtAgile and continuous delivery – How IBM Watson Workspace is built
Agile and continuous delivery – How IBM Watson Workspace is built
 
SoCal DevOps Meetup 1/26/2017 - Habitat by Chef
SoCal DevOps Meetup 1/26/2017 - Habitat by ChefSoCal DevOps Meetup 1/26/2017 - Habitat by Chef
SoCal DevOps Meetup 1/26/2017 - Habitat by Chef
 
Pivotal korea transformation_strategy_seminar_enterprise_dev_ops_20160630_v1.0
Pivotal korea transformation_strategy_seminar_enterprise_dev_ops_20160630_v1.0Pivotal korea transformation_strategy_seminar_enterprise_dev_ops_20160630_v1.0
Pivotal korea transformation_strategy_seminar_enterprise_dev_ops_20160630_v1.0
 
John N. Lewis - Resume - Public
John N. Lewis - Resume - Public John N. Lewis - Resume - Public
John N. Lewis - Resume - Public
 

Kürzlich hochgeladen

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 

Kürzlich hochgeladen (20)

Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 

Enabling multicloud in the enterprise with DevSecOps

  • 1. ENABLING MULTICLOUD IN THE ENTERPRISE WITH DEVSECOPSJosh Boyd, Booz Allen Hamilton Steven Terrana, Booz Allen Hamilton MAY 2019
  • 2. Why are organizations embracing DevSecOps? Organizations embrace DevSecOps to continuously deliver high-quality and reliable software to their users. • Culture and teamwork evolves with the intent to build better quality software faster • High-performing teams are needed to maintain balance in the opposing forces of throughput and stability, while both are amplified • DevSecOps realizes the Agile benefits of reducing risk, increasing velocity, and improving quality, but scaled beyond the development lifecycle to the product lifecycle. It increases resiliency, reduces unplanned downtime, and provides production metrics to close the feedback loop to adapt to users and fix software hastily. What is DevSecOps? Encouraging behaviors and designing processes to optimize coordination of software development and IT operations teams. • Emphasis of a team-culture change is greater than that of any particular tool or framework • New approaches amplify teamwork to yield a high-rate of delivery of small-scoped features • Practicing new activities or performing them in new ways to eliminate waste DEVSECOPS IS AT THE HEART FOR ENABLING HIGH-PERFORMING IT TEAMS
  • 3. TRUSTED SOFTWARE SUPPLY CHAIN BOOZ ALLEN DEVSECOPS PUTS THE SECURITY IN DEVOPS 2 • Shift-left many security and compliance activities as a shared responsibility of the whole team • Educate and automate security vigilance to establish early detection, confidence, and trust required for Continuous Delivery • Perform vulnerability and compliance inspection of dependencies, code, container images, and running applications ACCESSIBILITY ASSURANCE Crawl web pages for compliance with section 508 standards to give developers early warning and opportunity to improve the site while accelerating manual 508 testing. STATIC CODE ANALYSIS Analyze the code written by developers for inadvertent technical and logical flaws that make it vulnerable. CONTINUOUS COMPLIANCE Routinely scan the configuration of hosts or containers in their packaged image state or at runtime for compliance with security policy groups (NIST, CIS, FISMA, STIG, etc.), for required patches, or for configuration drift. DEPENDENCIES Prevent introduction of vulnerabilities from the outside. Scan libraries in dependency repos, source code repos, and on disk for known vulnerabilities. IMAGE SCANNING Unpack and scan dependencies and configuration of the image to be used at runtime for vulnerabilities, out-of-date patching, and to ensure a trusted pedigree. DYNAMIC APPLICATION SECURITY TESTING Perform automated penetration testing to see how your application will withstand common attacks at runtime. CONTINUOUS SECURITY & COMPLIANCE IS PERVASIVE IN OUR DEVOPS APPROACH. IT CROSS-CUTS EVERY PRACTICE AREA Security and compliance are indicative of the same software delivery sins that spawned the DevOps movement. Work piles up because it is tedious, foreign, or difficult. Security pros are alienated and left to burn down the pile in isolation, as an afterthought. True concerns then become hugely disruptive, which breeds further discontent within the team. AS WITH QUALITY ASSURANCE, SECURITY ASSURANCE AND COMPLIANCE CAN BE INTEGRATED INTO YOUR SOFTWARE DEVELOPMENT LIFECYCLE
  • 4. Booz Allen Capabilities: • Solutions Delivery Platform – Booz Allen’s open source enterprise DevSecOps capability at scale • Virtual Cloud Defense (VCD) – Booz Allen’s capability for a common security framework across cloud service providers • Multi-Cloud – Booz Allen’s capability for achieving various levels of maturity Featured Concepts: • Multi-Region Databases • SDN Supported Network Partitioning • Accelerated Application Accreditation & ATO Multi-Cloud Capabilities: Centralized Management / Orchestration • Ability to manage provisioning, enforce policy and chargeback across multiple cloud service providers. • Scaling within cloud based on performance demands and resource limits Workload Optimization • Position applications within CSP providing necessary services Disaster Recovery / COOP • Application Replication and Data Synchronization across cloud services providers, Traffic Routing / Failover in the event of outage. High Availability (Active / Active) • Ability to simultaneously operate common application payloads across multiple cloud services providers • Multi-Cloud Data Persistence, Intelligent Traffic Load Balancing • Scaling across cloud service providers/CSP regions WHAT DOES MULTI-CLOUD MEAN TO US 3
  • 6. MULTI CLOUD NETWORK TOPOLOGY • This used to be a lot harder before November: • And then you had to configure high availability VPNs in your hubs, now you can do this purely with AWS and Azure provided services. • AWS Transit Gateway was created to connect VPCs and on-prem networks with a single gateway, but it works great to connect to other CSPs too! 5
  • 7. MULTI CLOUD PROVISIONING DEMO 6Booz Allen Hamilton Internal
  • 8.
  • 9. Security Profile Compliance THE DEVSECOPS PIPELINE IS A TRUSTED SOFTWARE SUPPLY CHAIN 8Booz Allen Hamilton Internal ENVIRONMENT PROMOTION Production Readiness / Maturity Select Story for Development Pull source code from SCM repo Unit Test Code Coverage Build Container Image CVEs Tag Image with Git SHA Publish Image Static Code Analysis Functional Testing Regression Testing Integration Testing Download Build Dependencies Generate BOM Sign Image Development Test / QA Staging Production Load Testing Soak Testing Validate Image Signature Validate Runtime Configs Validate Image Signature Validate Runtime Configs Validate Image Signature Validate Runtime Configs Log Aggregation Resource Utilization Continuous Runtime Security Scan Build Dependencies Accessibility Compliance Scan Penetration Testing ACAS & HBSS Scan Fuzzing DEPLOY TO PRODUCTION MONITORSYSTEM TESTINGDEPLOY TO STAGINGSYSTEM TESTINGDEPLOY TO TESTPUBLISH ARTIFACTSCAN ARTIFACTBUILD ARTIFACTTESTPLAN & DEVELOP Scan Image
  • 10. THE SOLUTIONS DELIVERY PLATFORM (SDP) IS THE PURPOSE-BUILT SOLUTION THAT ENABLES OUR PHILOSOPHY AND PUTS PROCESSES AND PRACTICES INTO ACTION 9Booz Allen Hamilton Internal BENEFITS • End-to-end traceability of delivery • Real-time status at a glance • Single view of multiple apps/ components and teams • High-fidelity drill-down to activity-specific metrics • Automate delivery, and assurance of security & quality • Enable secure, on-demand flow of new features • Continuous, quantitative, and actionable feedback • Shifting-left security and streamlining activities mitigates risk by avoiding big and long releases • Productivity increase with self-service, homogenous IT • Scalable, resilient backbone • Environment parity • Improved resource utilization DevSecOps Dashboard Aggregate metrics for actionable insights to achieve continuous learning Pipeline Libraries Automated provenance with a trusted supply chain to production Jenkins Templating Engine Standardize your organization’s continuous delivery Secure Pipeline Framework Container Orchestration Platform Host the tooling in an elastic, portable environment REFERENCE MODEL FOR THE SOLUTIONS DELIVERY PLATFORM Continuous & Automated Security and Compliance Feature Feature Feature FeatureFeature
  • 11. SOLIDIFYING THE BASE: RED HAT UNIVERSAL BASE IMAGE (UBI) UBI Attributes - Subset of RHEL content - Redistributable - Base and RHSCL images - Enabled yum repos - Microdnf - Supported - Cataloged - Updated - Tracked - Reusable Two Talks on UBI This Week - Choosing the right container base image for your application, Today, 1:30-2:15pm - Building production-ready containers, Wednesday, 3:30-4:15pm 10Booz Allen Hamilton Internal ü Jenkins ü SonarQube ü OWASP ZAP ü Nexus ü Helm ü The A11y Machine ü Twistlock ü OpenSCAP DevSecOps Platform Images
  • 12. SOLIDIFYING THE BASE: RED HAT UNIVERSAL BASE IMAGE (UBI) 11Booz Allen Hamilton Internal Red Hat’s Universal Base Image adds a new layer of control inheritance when building security hardened PaaS Solutions ENTERPRISE INFRASTRUCTURE PLATFORM UBI APP UBI Attributes - Subset of RHEL content - Redistributable - Base and RHSCL images - Enabled yum repos - Microdnf Two Talks on UBI This Week Choosing the right container base image for your application, Today, 1:30-2:15pm Building production-ready containers, Wednesday, 3:30-4:15pm - Supported - Cataloged - Updated - Tracked - Reusable
  • 13. THE SDP BUILDS TRUSTED SOFTWARE SUPPLY CHAINS 12Booz Allen Hamilton Internal The Solutions Delivery Platform allows you to build tool-agnostic, templated workflows to integrate security into every step of your software delivery lifecycle A containerized DevSecOps Platform, SDP leverages Red Hat’s Universal Base Image – meaning out-of-the-box security compliance within your organization Instead of building a pipeline per application – SDP lets you define the organizational quality and security gates that must be passed while affording teams the flexibility to choose the right tools for the job Leverage the same DevSecOps pipeline regardless of which cloud environment your application is targeting
  • 14. BOOZ ALLEN’S SOLUTIONS DELIVERY PLATFORM 13Booz Allen Hamilton Internal APPLY ORGANIZATIONAL GOVERNANCE Standardize software delivery processes OPTIMIZE CODE REUSE Crowd source quality through common open source libraries SIMPLIFY PIPELINE MAINTAINABILITY Manage templates over application specific pipelines
  • 15. DEMO LET’S SEE IT IN ACTION 14
  • 16.
  • 17. OPEN SOURCE COMMUNITY 16Booz Allen Hamilton Internal The Solutions Delivery Platform components are open sourced under the Booz Allen Public License. Jenkins Templating Engine: https://github.com/boozallen/jenkins-templating-engine.git *Licensed under Apache 2.0 and released to the Jenkins Update Center https://gitter.im/jenkinsci/templating-engine-plugin SDP Pipeline Libraries: https://github.com/boozallen/sdp-libraries.git *Licensed under the Booz Allen Public License: http://boozallen.github.io/licenses/bapl Documentation: https://boozallen.github.io/sdp-docs/ Jenkins Pipeline Authoring SIG: https://jenkins.io/sigs/pipeline-authoring/ Jenkins World 2018: https://www.youtube.com/watch?v=BM9Vmsh2iMI
  • 18. LEARN MORE ABOUT US Josh Boyd @joshboyd boyd_joshua@bah.com Steven Terrana @steven_terrana terrana_steven@bah.com https://gitter.im/jenkinsci/templating-engine-plugin https://boozallen.github.io/sdp-docs/ devsecops@bah.com https://boozallen.com/apply