SlideShare ist ein Scribd-Unternehmen logo

PIACERE - DevSecOps Automated

PIACERE
PIACERE

This document summarizes the PIACERE project, which aims to integrate security into DevSecOps processes. It receives funding from the EU Horizon 2020 program. The project develops tools like the DevSecOps Modeling Language (DOML) and Verification Tool to integrate security principles into infrastructure modeling and deployment. It also includes a Canary Sandbox Environment for testing deployments and an Infrastructure Optimization Platform for optimizing cloud resources. The overall goal is to provide a unified platform for secure, automated deployment to multiple clouds.

Software
1 von 19
Downloaden Sie, um offline zu lesen
This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 101000162. PIACERE - DevSecOps Automated Radosław Piliszek & Paweł Skrzypek | 7bulls.com
2 - Research & Development Center 7bulls has been certified as a research and development center on the Polish and French market (CBR and CIR respectively). Examples of innovative projects implemented by 7bulls can be found at 7bulls.com/rnd
3 DevSecOps DevSecOps is the integration of security into emerging agile IT and DevOps development as seamlessly and as transparently as possible. Ideally, this is done without reducing the agility or speed of developers or requiring them to leave their development toolchain environment. Source: Gartner IT Glossary: https://www.gartner.com/en/information-technology/glossary/devsecops
4 But why do we need Sec in DevOps? ▪ We hope nobody denies security is of utmost importance these days, but we argue it’s even more important for Software-Defined Infrastructure as it happens in DevOps. ▪ Frequent build and deploy process is especially vulnerable to misconfiguration and security leaks. ▪ Heterogeneity of infrastructure additionally increases the risks.
5 Introducing PIACERE (PLEASURE) Programming trustworthy Infrastructure As Code in a sEcuRE framework 1. Horizon 2020 project in Software Development call. 2. Consortium consists of 12 organizations (academia, business, government) and is led by Tecnalia from Spain. 3. Schedule - 01.12.2020 - 30.11.2023 4. 7bulls.com is responsible for integration and Canary Sandbox Environment.
6 PIACERE DevSecOps - goals • Develop, build and deploy applications • Manage cloud, hybrid and multicloud deployments • Maintain and configure the infrastructure • Optimize usage of resources • Test deployments and infrastructure • Avoid snowflakes (and related config drifts) Including agile approach and security rules and principles. Fast, reliable and secure deployments out-of-the-box!
7 PIACERE DevSecOps - key features • Integrated security principles into the DevOps operations. • Agile approach without losing security level. • Sandboxing guide to test the dynamic properties of to-be-deployed infrastructure. • Single source of truth, access control and accountability. • Cloud-agnosticism. • Automatic healing and optimisation.
8 PIACERE DevSecOps framework - A single universal platform for DevSecOps deployments in multicloud enviroments. Including optimization of resources. Actually Cross-Cloud and reusing and enhancing Open Source
9 PIACERE DevSecOps - why? Source: https://xkcd.com/927/
10 • Simple and easy way to use DevSecOps approach. • Unified way to build and deploy into the multicloud environments. • Support for multiple IaC languages. • Automatic deployment to different Cloud Providers. • Automatic optimization of cloud resources. • Embraces GitOps with single source of truth and streamlined access control. PIACERE DevSecOps - why?
11 • DOML - DevSecOps Modelling Language • VT - Verification Tool • Central DOML&IaC repositories and Runtime Controller • IEM - IaC Executor Manager • Canary Sandbox Environment tooling • Infrastructural Elements Catalogue • Infrastructure Advisor ○ Runtime monitoring (performance and security) ○ IOP - Infrastructure Optimization Platform Everything integrated together. PIACERE DevSecOps key elements
12 • Cloud-agnostic-able language. • Multiple layers of modelling and presentation. • Application modelling: components, connections, security, etc. • Infrastructure modelling: abstract (environment-agnostic) and concrete (environment-dependent). • Target IaC generation possible to multiple languages. • Modelling toolbox available in Eclipse IDE. DOML - DevSecOps Modelling Language Unified way of describing application and infrastructure in the Cloud, including security aspects such as rules and expectations.
13 • Static analysis of properties of DOML and the generated IaC. • Verifies correctness according to select criteria. • Ensures the IaC and used components are free of known vulnerabilities and follow best security practices. VT - Verification Tool Unsure if your model satisfies expectations? Refer to the Verification Tool of PIACERE. (And it will make sure you don’t forget the Security part).
14 • Single-flow operations: push to the repository and get your deployment updated. • Single source of truth - everything your infrastructure needs in one place. • Simplified and streamlined access control - control access via repository permissions. • Runtime Controller based on BPMN (Business Process Model and Notation) - an extensible vernacular. Central DOML&IaC repositories and Runtime Controller One ring source to rule them all - Your deployments.
15 • Execution of IaC. • Understands the deployed infrastructure. • Support for reconfiguration and scaling. • Fully-automatic deployment to chosen Canary Environment and target infrastructure. • Secure use of credentials to the target environments. IEM - IaC Executor Manager PIACERE is your smart, autonomic DevSecOps go-to product.
16 • Two main tools: ○ Provisioner - deployment of select environments (OpenStack, Kubernetes) in an opinionated way. ○ Mocklord - mocked APIs of selected cloud providers. • Ability to test dynamic aspects of the deployment in a controlled, sandbox environment, including relevance, reliability and security tests. Canary Sandbox Environment tooling PIACERE offers secure sandbox environment provisioning to help You test Your deployments.
17 • Central storage of local PIACERE knowledge. • Answers the questions what providers are available and what their offers are. But it does not stop there! • It stores the historic characteristics of the offers and their current usage along with any alarms (based on metrics and events from Infrastructure Advisor). Infrastructural Elements Catalogue PIACERE is your smart, autonomic DevSecOps go-to product.
18 • Collects metrics and events related to performance and security. • Infrastructure-side deployed during IEM run. • Self-learning and self-healing included. • IOP - Optimization of the infrastructure based on collected metrics. • Integration with Infrastructure Elements Catalogue to select best available options. • Optimizes the trade-off of cost, performance, availability etc. • Machine-learning-based optimization algorithms. Infrastructure Advisor Runtime monitoring (performance and security) & IOP - Infrastructure Optimization Platform PIACERE optimizes Your infrastructure from DevSecOps process.
Get more info from our social media Stay in touch with us www.piacere-project.eu

Empfohlen

Benefits of DevSecOps
Benefits of DevSecOpsBenefits of DevSecOps
Benefits of DevSecOpsFinto Thomas , CISSP, TOGAF, CCSP, ITIL. JNCIS
 
DevSecOps Everything You Need To Know
DevSecOps Everything You Need To KnowDevSecOps Everything You Need To Know
DevSecOps Everything You Need To KnowCentextech
 
DevSecOps
DevSecOpsDevSecOps
DevSecOpsJoel Divekar
 
DevSecOps Beginners Guide : How to secure process in DevOps with OpenSource
DevSecOps Beginners Guide : How to secure process in DevOps with OpenSourceDevSecOps Beginners Guide : How to secure process in DevOps with OpenSource
DevSecOps Beginners Guide : How to secure process in DevOps with OpenSourceDevOps Indonesia
 
Practical DevSecOps Course - Part 1
Practical DevSecOps Course - Part 1Practical DevSecOps Course - Part 1
Practical DevSecOps Course - Part 1Mohammed A. Imran
 
DevSecOps outline
DevSecOps outlineDevSecOps outline
DevSecOps outlineNickleus Jimenez
 
DevSecOps - The big picture
DevSecOps - The big pictureDevSecOps - The big picture
DevSecOps - The big pictureDevSecOpsSg
 
DevSecOps : an Introduction
DevSecOps : an IntroductionDevSecOps : an Introduction
DevSecOps : an IntroductionPrashanth B. P.
 

Empfohlen

Benefits of DevSecOps
Benefits of DevSecOpsBenefits of DevSecOps
Benefits of DevSecOpsFinto Thomas , CISSP, TOGAF, CCSP, ITIL. JNCIS
 
DevSecOps Everything You Need To Know
DevSecOps Everything You Need To KnowDevSecOps Everything You Need To Know
DevSecOps Everything You Need To KnowCentextech
 
DevSecOps
DevSecOpsDevSecOps
DevSecOpsJoel Divekar
 
DevSecOps Beginners Guide : How to secure process in DevOps with OpenSource
DevSecOps Beginners Guide : How to secure process in DevOps with OpenSourceDevSecOps Beginners Guide : How to secure process in DevOps with OpenSource
DevSecOps Beginners Guide : How to secure process in DevOps with OpenSourceDevOps Indonesia
 
Practical DevSecOps Course - Part 1
Practical DevSecOps Course - Part 1Practical DevSecOps Course - Part 1
Practical DevSecOps Course - Part 1Mohammed A. Imran
 
DevSecOps outline
DevSecOps outlineDevSecOps outline
DevSecOps outlineNickleus Jimenez
 
DevSecOps - The big picture
DevSecOps - The big pictureDevSecOps - The big picture
DevSecOps - The big pictureDevSecOpsSg
 
DevSecOps : an Introduction
DevSecOps : an IntroductionDevSecOps : an Introduction
DevSecOps : an IntroductionPrashanth B. P.
 
The Challenges of Scaling DevSecOps
The Challenges of Scaling DevSecOpsThe Challenges of Scaling DevSecOps
The Challenges of Scaling DevSecOpsWhiteSource
 
DevSecOps, The Good, Bad, and Ugly
DevSecOps, The Good, Bad, and UglyDevSecOps, The Good, Bad, and Ugly
DevSecOps, The Good, Bad, and Ugly4ndersonLin
 
Dos and Don'ts of DevSecOps
Dos and Don'ts of DevSecOpsDos and Don'ts of DevSecOps
Dos and Don'ts of DevSecOpsPriyanka Aash
 
Demystifying DevSecOps
Demystifying DevSecOpsDemystifying DevSecOps
Demystifying DevSecOpsArchana Joshi
 
Secure DevOPS Implementation Guidance
Secure DevOPS Implementation GuidanceSecure DevOPS Implementation Guidance
Secure DevOPS Implementation GuidanceTej Luthra
 
Dev secops. Real experience.
Dev secops. Real experience.Dev secops. Real experience.
Dev secops. Real experience.Vitaly Balashov
 
DevSecOps Training Bootcamp - A Practical DevSecOps Course
DevSecOps Training Bootcamp - A Practical DevSecOps CourseDevSecOps Training Bootcamp - A Practical DevSecOps Course
DevSecOps Training Bootcamp - A Practical DevSecOps CourseTonex
 
Talk DevSecOps to me
Talk DevSecOps to meTalk DevSecOps to me
Talk DevSecOps to meMichelle Ribeiro
 
Strengthen and Scale Security Using DevSecOps - OWASP Indonesia
Strengthen and Scale Security Using DevSecOps - OWASP IndonesiaStrengthen and Scale Security Using DevSecOps - OWASP Indonesia
Strengthen and Scale Security Using DevSecOps - OWASP IndonesiaMohammed A. Imran
 
Introduction to DevSecOps
Introduction to DevSecOpsIntroduction to DevSecOps
Introduction to DevSecOpsSetu Parimi
 
A journey from dev ops to devsecops
A journey from dev ops to devsecopsA journey from dev ops to devsecops
A journey from dev ops to devsecopsVeritis Group, Inc
 
DevOps & DevSecOps in Swiss Banking
DevOps & DevSecOps in Swiss BankingDevOps & DevSecOps in Swiss Banking
DevOps & DevSecOps in Swiss BankingAarno Aukia
 
How to automate your DevSecOps successfully
How to automate your DevSecOps successfullyHow to automate your DevSecOps successfully
How to automate your DevSecOps successfullyManuel Pistner
 
DevSecOps Singapore 2017 - Security in the Delivery Pipeline
DevSecOps Singapore 2017 - Security in the Delivery PipelineDevSecOps Singapore 2017 - Security in the Delivery Pipeline
DevSecOps Singapore 2017 - Security in the Delivery PipelineJames Wickett
 
Introduction to DevSecOps
Introduction to DevSecOpsIntroduction to DevSecOps
Introduction to DevSecOpsabhimanyubhogwan
 
Dev secops security and compliance at the speed of continuous delivery - owasp
Dev secops security and compliance at the speed of continuous delivery - owaspDev secops security and compliance at the speed of continuous delivery - owasp
Dev secops security and compliance at the speed of continuous delivery - owaspDag Rowe
 
8 Tips for Deploying DevSecOps
8 Tips for Deploying DevSecOps8 Tips for Deploying DevSecOps
8 Tips for Deploying DevSecOpsFelicia Haggarty
 
DevSecOps Singapore introduction
DevSecOps Singapore introductionDevSecOps Singapore introduction
DevSecOps Singapore introductionStefan Streichsbier
 
Microsoft DevOps Forum 2021 – DevOps & Security
Microsoft DevOps Forum 2021 – DevOps & Security Microsoft DevOps Forum 2021 – DevOps & Security
Microsoft DevOps Forum 2021 – DevOps & SecurityNico Meisenzahl
 
DevSecOps 101
DevSecOps 101DevSecOps 101
DevSecOps 101Narudom Roongsiriwong, CISSP
 
Enabling Fast IT using Containers, Microservices and DAVROS models: an overview
Enabling Fast IT using Containers, Microservices and DAVROS models: an overviewEnabling Fast IT using Containers, Microservices and DAVROS models: an overview
Enabling Fast IT using Containers, Microservices and DAVROS models: an overviewCisco DevNet
 
Enabling multicloud in the enterprise with DevSecOps
Enabling multicloud in the enterprise with DevSecOpsEnabling multicloud in the enterprise with DevSecOps
Enabling multicloud in the enterprise with DevSecOpsJosh Boyd
 

Weitere ähnliche Inhalte

Was ist angesagt?

The Challenges of Scaling DevSecOps
The Challenges of Scaling DevSecOpsThe Challenges of Scaling DevSecOps
The Challenges of Scaling DevSecOpsWhiteSource
 
DevSecOps, The Good, Bad, and Ugly
DevSecOps, The Good, Bad, and UglyDevSecOps, The Good, Bad, and Ugly
DevSecOps, The Good, Bad, and Ugly4ndersonLin
 
Dos and Don'ts of DevSecOps
Dos and Don'ts of DevSecOpsDos and Don'ts of DevSecOps
Dos and Don'ts of DevSecOpsPriyanka Aash
 
Demystifying DevSecOps
Demystifying DevSecOpsDemystifying DevSecOps
Demystifying DevSecOpsArchana Joshi
 
Secure DevOPS Implementation Guidance
Secure DevOPS Implementation GuidanceSecure DevOPS Implementation Guidance
Secure DevOPS Implementation GuidanceTej Luthra
 
Dev secops. Real experience.
Dev secops. Real experience.Dev secops. Real experience.
Dev secops. Real experience.Vitaly Balashov
 
DevSecOps Training Bootcamp - A Practical DevSecOps Course
DevSecOps Training Bootcamp - A Practical DevSecOps CourseDevSecOps Training Bootcamp - A Practical DevSecOps Course
DevSecOps Training Bootcamp - A Practical DevSecOps CourseTonex
 
Strengthen and Scale Security Using DevSecOps - OWASP Indonesia
Strengthen and Scale Security Using DevSecOps - OWASP IndonesiaStrengthen and Scale Security Using DevSecOps - OWASP Indonesia
Strengthen and Scale Security Using DevSecOps - OWASP IndonesiaMohammed A. Imran
 
Introduction to DevSecOps
Introduction to DevSecOpsIntroduction to DevSecOps
Introduction to DevSecOpsSetu Parimi
 
A journey from dev ops to devsecops
A journey from dev ops to devsecopsA journey from dev ops to devsecops
A journey from dev ops to devsecopsVeritis Group, Inc
 
DevOps & DevSecOps in Swiss Banking
DevOps & DevSecOps in Swiss BankingDevOps & DevSecOps in Swiss Banking
DevOps & DevSecOps in Swiss BankingAarno Aukia
 
How to automate your DevSecOps successfully
How to automate your DevSecOps successfullyHow to automate your DevSecOps successfully
How to automate your DevSecOps successfullyManuel Pistner
 
DevSecOps Singapore 2017 - Security in the Delivery Pipeline
DevSecOps Singapore 2017 - Security in the Delivery PipelineDevSecOps Singapore 2017 - Security in the Delivery Pipeline
DevSecOps Singapore 2017 - Security in the Delivery PipelineJames Wickett
 
Dev secops security and compliance at the speed of continuous delivery - owasp
Dev secops security and compliance at the speed of continuous delivery - owaspDev secops security and compliance at the speed of continuous delivery - owasp
Dev secops security and compliance at the speed of continuous delivery - owaspDag Rowe
 
8 Tips for Deploying DevSecOps
8 Tips for Deploying DevSecOps8 Tips for Deploying DevSecOps
8 Tips for Deploying DevSecOpsFelicia Haggarty
 
DevSecOps Singapore introduction
DevSecOps Singapore introductionDevSecOps Singapore introduction
DevSecOps Singapore introductionStefan Streichsbier
 
Microsoft DevOps Forum 2021 – DevOps & Security
Microsoft DevOps Forum 2021 – DevOps & Security Microsoft DevOps Forum 2021 – DevOps & Security
Microsoft DevOps Forum 2021 – DevOps & SecurityNico Meisenzahl
 

Was ist angesagt? (20)

The Challenges of Scaling DevSecOps
The Challenges of Scaling DevSecOpsThe Challenges of Scaling DevSecOps
The Challenges of Scaling DevSecOps
 
DevSecOps, The Good, Bad, and Ugly
DevSecOps, The Good, Bad, and UglyDevSecOps, The Good, Bad, and Ugly
DevSecOps, The Good, Bad, and Ugly
 
Dos and Don'ts of DevSecOps
Dos and Don'ts of DevSecOpsDos and Don'ts of DevSecOps
Dos and Don'ts of DevSecOps
 
Demystifying DevSecOps
Demystifying DevSecOpsDemystifying DevSecOps
Demystifying DevSecOps
 
Secure DevOPS Implementation Guidance
Secure DevOPS Implementation GuidanceSecure DevOPS Implementation Guidance
Secure DevOPS Implementation Guidance
 
Dev secops. Real experience.
Dev secops. Real experience.Dev secops. Real experience.
Dev secops. Real experience.
 
DevSecOps Training Bootcamp - A Practical DevSecOps Course
DevSecOps Training Bootcamp - A Practical DevSecOps CourseDevSecOps Training Bootcamp - A Practical DevSecOps Course
DevSecOps Training Bootcamp - A Practical DevSecOps Course
 
Talk DevSecOps to me
Talk DevSecOps to meTalk DevSecOps to me
Talk DevSecOps to me
 
Strengthen and Scale Security Using DevSecOps - OWASP Indonesia
Strengthen and Scale Security Using DevSecOps - OWASP IndonesiaStrengthen and Scale Security Using DevSecOps - OWASP Indonesia
Strengthen and Scale Security Using DevSecOps - OWASP Indonesia
 
Introduction to DevSecOps
Introduction to DevSecOpsIntroduction to DevSecOps
Introduction to DevSecOps
 
A journey from dev ops to devsecops
A journey from dev ops to devsecopsA journey from dev ops to devsecops
A journey from dev ops to devsecops
 
DevOps & DevSecOps in Swiss Banking
DevOps & DevSecOps in Swiss BankingDevOps & DevSecOps in Swiss Banking
DevOps & DevSecOps in Swiss Banking
 
How to automate your DevSecOps successfully
How to automate your DevSecOps successfullyHow to automate your DevSecOps successfully
How to automate your DevSecOps successfully
 
DevSecOps Singapore 2017 - Security in the Delivery Pipeline
DevSecOps Singapore 2017 - Security in the Delivery PipelineDevSecOps Singapore 2017 - Security in the Delivery Pipeline
DevSecOps Singapore 2017 - Security in the Delivery Pipeline
 
Introduction to DevSecOps
Introduction to DevSecOpsIntroduction to DevSecOps
Introduction to DevSecOps
 
Dev secops security and compliance at the speed of continuous delivery - owasp
Dev secops security and compliance at the speed of continuous delivery - owaspDev secops security and compliance at the speed of continuous delivery - owasp
Dev secops security and compliance at the speed of continuous delivery - owasp
 
8 Tips for Deploying DevSecOps
8 Tips for Deploying DevSecOps8 Tips for Deploying DevSecOps
8 Tips for Deploying DevSecOps
 
DevSecOps Singapore introduction
DevSecOps Singapore introductionDevSecOps Singapore introduction
DevSecOps Singapore introduction
 
Microsoft DevOps Forum 2021 – DevOps & Security
Microsoft DevOps Forum 2021 – DevOps & Security Microsoft DevOps Forum 2021 – DevOps & Security
Microsoft DevOps Forum 2021 – DevOps & Security
 
DevSecOps 101
DevSecOps 101DevSecOps 101
DevSecOps 101
 

Ähnlich wie PIACERE - DevSecOps Automated

Enabling Fast IT using Containers, Microservices and DAVROS models: an overview
Enabling Fast IT using Containers, Microservices and DAVROS models: an overviewEnabling Fast IT using Containers, Microservices and DAVROS models: an overview
Enabling Fast IT using Containers, Microservices and DAVROS models: an overviewCisco DevNet
 
Enabling multicloud in the enterprise with DevSecOps
Enabling multicloud in the enterprise with DevSecOpsEnabling multicloud in the enterprise with DevSecOps
Enabling multicloud in the enterprise with DevSecOpsJosh Boyd
 
Outpost24 webinar mastering container security in modern day dev ops
Outpost24 webinar mastering container security in modern day dev opsOutpost24 webinar mastering container security in modern day dev ops
Outpost24 webinar mastering container security in modern day dev opsOutpost24
 
Devops phase-1
Devops phase-1Devops phase-1
Devops phase-1G R VISHAL
 
Piacere general presentation
Piacere general presentationPiacere general presentation
Piacere general presentationPIACERE
 
Capgemini technology vision Oracle Database Firewall
Capgemini technology vision Oracle Database FirewallCapgemini technology vision Oracle Database Firewall
Capgemini technology vision Oracle Database FirewallJohan Louwers
 
AWS TechConnect 2018 - Container Adoption
AWS TechConnect 2018 - Container AdoptionAWS TechConnect 2018 - Container Adoption
AWS TechConnect 2018 - Container AdoptionAlex Rhea
 
NUS-ISS Learning Day 2018- Designing software to make the most of cloud platf...
NUS-ISS Learning Day 2018- Designing software to make the most of cloud platf...NUS-ISS Learning Day 2018- Designing software to make the most of cloud platf...
NUS-ISS Learning Day 2018- Designing software to make the most of cloud platf...NUS-ISS
 
ThatConference 2016 - Highly Available Node.js
ThatConference 2016 - Highly Available Node.jsThatConference 2016 - Highly Available Node.js
ThatConference 2016 - Highly Available Node.jsBrad Williams
 
DoD-Enterprise-DevSecOps-Initiative-Introduction-v4.52.pptx
DoD-Enterprise-DevSecOps-Initiative-Introduction-v4.52.pptxDoD-Enterprise-DevSecOps-Initiative-Introduction-v4.52.pptx
DoD-Enterprise-DevSecOps-Initiative-Introduction-v4.52.pptxTomGrand4
 
Securing the container DevOps pipeline by William Henry
Securing the container DevOps pipeline by William HenrySecuring the container DevOps pipeline by William Henry
Securing the container DevOps pipeline by William HenryDevSecCon
 
Cncf checkov and bridgecrew
Cncf checkov and bridgecrewCncf checkov and bridgecrew
Cncf checkov and bridgecrewLibbySchulze
 
Top 5 benefits of docker
Top 5 benefits of dockerTop 5 benefits of docker
Top 5 benefits of dockerJohn Zaccone
 
Simplify DevOps with Microservices and Mobile Backends.pptx
Simplify DevOps with Microservices and Mobile Backends.pptxSimplify DevOps with Microservices and Mobile Backends.pptx
Simplify DevOps with Microservices and Mobile Backends.pptxssuser5faa791
 
Application Security from the Inside Out
Application Security from the Inside OutApplication Security from the Inside Out
Application Security from the Inside OutUlisses Albuquerque
 
Pentest is yesterday, DevSecOps is tomorrow
Pentest is yesterday, DevSecOps is tomorrowPentest is yesterday, DevSecOps is tomorrow
Pentest is yesterday, DevSecOps is tomorrowAmien Harisen Rosyandino
 
Docker Enterprise Edition Overview by Steven Thwaites, Technical Solutions En...
Docker Enterprise Edition Overview by Steven Thwaites, Technical Solutions En...Docker Enterprise Edition Overview by Steven Thwaites, Technical Solutions En...
Docker Enterprise Edition Overview by Steven Thwaites, Technical Solutions En...Ashnikbiz
 
Docker Birthday #5 Meetup Cluj - Presentation
Docker Birthday #5 Meetup Cluj - PresentationDocker Birthday #5 Meetup Cluj - Presentation
Docker Birthday #5 Meetup Cluj - PresentationAlex Vranceanu
 
CloudBrew 2017 - Security + DevOps + Azure = Awesomeness
CloudBrew 2017 - Security + DevOps + Azure = AwesomenessCloudBrew 2017 - Security + DevOps + Azure = Awesomeness
CloudBrew 2017 - Security + DevOps + Azure = AwesomenessKarl Ots
 

Ähnlich wie PIACERE - DevSecOps Automated (20)

Enabling Fast IT using Containers, Microservices and DAVROS models: an overview
Enabling Fast IT using Containers, Microservices and DAVROS models: an overviewEnabling Fast IT using Containers, Microservices and DAVROS models: an overview
Enabling Fast IT using Containers, Microservices and DAVROS models: an overview
 
Enabling multicloud in the enterprise with DevSecOps
Enabling multicloud in the enterprise with DevSecOpsEnabling multicloud in the enterprise with DevSecOps
Enabling multicloud in the enterprise with DevSecOps
 
Outpost24 webinar mastering container security in modern day dev ops
Outpost24 webinar mastering container security in modern day dev opsOutpost24 webinar mastering container security in modern day dev ops
Outpost24 webinar mastering container security in modern day dev ops
 
Devops phase-1
Devops phase-1Devops phase-1
Devops phase-1
 
Piacere general presentation
Piacere general presentationPiacere general presentation
Piacere general presentation
 
Capgemini technology vision Oracle Database Firewall
Capgemini technology vision Oracle Database FirewallCapgemini technology vision Oracle Database Firewall
Capgemini technology vision Oracle Database Firewall
 
AWS TechConnect 2018 - Container Adoption
AWS TechConnect 2018 - Container AdoptionAWS TechConnect 2018 - Container Adoption
AWS TechConnect 2018 - Container Adoption
 
NUS-ISS Learning Day 2018- Designing software to make the most of cloud platf...
NUS-ISS Learning Day 2018- Designing software to make the most of cloud platf...NUS-ISS Learning Day 2018- Designing software to make the most of cloud platf...
NUS-ISS Learning Day 2018- Designing software to make the most of cloud platf...
 
ThatConference 2016 - Highly Available Node.js
ThatConference 2016 - Highly Available Node.jsThatConference 2016 - Highly Available Node.js
ThatConference 2016 - Highly Available Node.js
 
DoD-Enterprise-DevSecOps-Initiative-Introduction-v4.52.pptx
DoD-Enterprise-DevSecOps-Initiative-Introduction-v4.52.pptxDoD-Enterprise-DevSecOps-Initiative-Introduction-v4.52.pptx
DoD-Enterprise-DevSecOps-Initiative-Introduction-v4.52.pptx
 
Securing the container DevOps pipeline by William Henry
Securing the container DevOps pipeline by William HenrySecuring the container DevOps pipeline by William Henry
Securing the container DevOps pipeline by William Henry
 
Past, Present and Future of DevOps Infrastructure
Past, Present and Future of DevOps InfrastructurePast, Present and Future of DevOps Infrastructure
Past, Present and Future of DevOps Infrastructure
 
Cncf checkov and bridgecrew
Cncf checkov and bridgecrewCncf checkov and bridgecrew
Cncf checkov and bridgecrew
 
Top 5 benefits of docker
Top 5 benefits of dockerTop 5 benefits of docker
Top 5 benefits of docker
 
Simplify DevOps with Microservices and Mobile Backends.pptx
Simplify DevOps with Microservices and Mobile Backends.pptxSimplify DevOps with Microservices and Mobile Backends.pptx
Simplify DevOps with Microservices and Mobile Backends.pptx
 
Application Security from the Inside Out
Application Security from the Inside OutApplication Security from the Inside Out
Application Security from the Inside Out
 
Pentest is yesterday, DevSecOps is tomorrow
Pentest is yesterday, DevSecOps is tomorrowPentest is yesterday, DevSecOps is tomorrow
Pentest is yesterday, DevSecOps is tomorrow
 
Docker Enterprise Edition Overview by Steven Thwaites, Technical Solutions En...
Docker Enterprise Edition Overview by Steven Thwaites, Technical Solutions En...Docker Enterprise Edition Overview by Steven Thwaites, Technical Solutions En...
Docker Enterprise Edition Overview by Steven Thwaites, Technical Solutions En...
 
Docker Birthday #5 Meetup Cluj - Presentation
Docker Birthday #5 Meetup Cluj - PresentationDocker Birthday #5 Meetup Cluj - Presentation
Docker Birthday #5 Meetup Cluj - Presentation
 
CloudBrew 2017 - Security + DevOps + Azure = Awesomeness
CloudBrew 2017 - Security + DevOps + Azure = AwesomenessCloudBrew 2017 - Security + DevOps + Azure = Awesomeness
CloudBrew 2017 - Security + DevOps + Azure = Awesomeness
 

Mehr von PIACERE

PIACERE project overview, summary of objectives v2
PIACERE project overview, summary of objectives v2PIACERE project overview, summary of objectives v2
PIACERE project overview, summary of objectives v2PIACERE
 
eSAAM2023-PIACERE Integrated Development Environment
eSAAM2023-PIACERE Integrated Development EnvironmenteSAAM2023-PIACERE Integrated Development Environment
eSAAM2023-PIACERE Integrated Development EnvironmentPIACERE
 
PIACERE project at EClipse Con 2023
PIACERE project at EClipse Con 2023PIACERE project at EClipse Con 2023
PIACERE project at EClipse Con 2023PIACERE
 
PIACERE ICG Gaia-X Event Bilbao
PIACERE ICG Gaia-X Event BilbaoPIACERE ICG Gaia-X Event Bilbao
PIACERE ICG Gaia-X Event BilbaoPIACERE
 
CCM Brussels PIACERE presentation (2023-05-09)
CCM Brussels PIACERE presentation (2023-05-09)CCM Brussels PIACERE presentation (2023-05-09)
CCM Brussels PIACERE presentation (2023-05-09)PIACERE
 
Piacere presentation in Databeers
Piacere presentation in DatabeersPiacere presentation in Databeers
Piacere presentation in DatabeersPIACERE
 
PIACERE presentation during the WORLD CIST 2023
PIACERE presentation during the WORLD CIST 2023PIACERE presentation during the WORLD CIST 2023
PIACERE presentation during the WORLD CIST 2023PIACERE
 

Mehr von PIACERE (7)

PIACERE project overview, summary of objectives v2
PIACERE project overview, summary of objectives v2PIACERE project overview, summary of objectives v2
PIACERE project overview, summary of objectives v2
 
eSAAM2023-PIACERE Integrated Development Environment
eSAAM2023-PIACERE Integrated Development EnvironmenteSAAM2023-PIACERE Integrated Development Environment
eSAAM2023-PIACERE Integrated Development Environment
 
PIACERE project at EClipse Con 2023
PIACERE project at EClipse Con 2023PIACERE project at EClipse Con 2023
PIACERE project at EClipse Con 2023
 
PIACERE ICG Gaia-X Event Bilbao
PIACERE ICG Gaia-X Event BilbaoPIACERE ICG Gaia-X Event Bilbao
PIACERE ICG Gaia-X Event Bilbao
 
CCM Brussels PIACERE presentation (2023-05-09)
CCM Brussels PIACERE presentation (2023-05-09)CCM Brussels PIACERE presentation (2023-05-09)
CCM Brussels PIACERE presentation (2023-05-09)
 
Piacere presentation in Databeers
Piacere presentation in DatabeersPiacere presentation in Databeers
Piacere presentation in Databeers
 
PIACERE presentation during the WORLD CIST 2023
PIACERE presentation during the WORLD CIST 2023PIACERE presentation during the WORLD CIST 2023
PIACERE presentation during the WORLD CIST 2023
 

Kürzlich hochgeladen

SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AIABDERRAOUF MEHENNI
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️anilsa9823
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsAndolasoft Inc
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...panagenda
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...kellynguyen01
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...harshavardhanraghave
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerThousandEyes
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionSolGuruz
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Steffen Staab
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...OnePlan Solutions
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsJhone kinadey
 

Kürzlich hochgeladen (20)

SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 

PIACERE - DevSecOps Automated

  • 1. This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 101000162. PIACERE - DevSecOps Automated Radosław Piliszek & Paweł Skrzypek | 7bulls.com
  • 2. 2 - Research & Development Center 7bulls has been certified as a research and development center on the Polish and French market (CBR and CIR respectively). Examples of innovative projects implemented by 7bulls can be found at 7bulls.com/rnd
  • 3. 3 DevSecOps DevSecOps is the integration of security into emerging agile IT and DevOps development as seamlessly and as transparently as possible. Ideally, this is done without reducing the agility or speed of developers or requiring them to leave their development toolchain environment. Source: Gartner IT Glossary: https://www.gartner.com/en/information-technology/glossary/devsecops
  • 4. 4 But why do we need Sec in DevOps? ▪ We hope nobody denies security is of utmost importance these days, but we argue it’s even more important for Software-Defined Infrastructure as it happens in DevOps. ▪ Frequent build and deploy process is especially vulnerable to misconfiguration and security leaks. ▪ Heterogeneity of infrastructure additionally increases the risks.
  • 5. 5 Introducing PIACERE (PLEASURE) Programming trustworthy Infrastructure As Code in a sEcuRE framework 1. Horizon 2020 project in Software Development call. 2. Consortium consists of 12 organizations (academia, business, government) and is led by Tecnalia from Spain. 3. Schedule - 01.12.2020 - 30.11.2023 4. 7bulls.com is responsible for integration and Canary Sandbox Environment.
  • 6. 6 PIACERE DevSecOps - goals • Develop, build and deploy applications • Manage cloud, hybrid and multicloud deployments • Maintain and configure the infrastructure • Optimize usage of resources • Test deployments and infrastructure • Avoid snowflakes (and related config drifts) Including agile approach and security rules and principles. Fast, reliable and secure deployments out-of-the-box!
  • 7. 7 PIACERE DevSecOps - key features • Integrated security principles into the DevOps operations. • Agile approach without losing security level. • Sandboxing guide to test the dynamic properties of to-be-deployed infrastructure. • Single source of truth, access control and accountability. • Cloud-agnosticism. • Automatic healing and optimisation.
  • 8. 8 PIACERE DevSecOps framework - A single universal platform for DevSecOps deployments in multicloud enviroments. Including optimization of resources. Actually Cross-Cloud and reusing and enhancing Open Source
  • 9. 9 PIACERE DevSecOps - why? Source: https://xkcd.com/927/
  • 10. 10 • Simple and easy way to use DevSecOps approach. • Unified way to build and deploy into the multicloud environments. • Support for multiple IaC languages. • Automatic deployment to different Cloud Providers. • Automatic optimization of cloud resources. • Embraces GitOps with single source of truth and streamlined access control. PIACERE DevSecOps - why?
  • 11. 11 • DOML - DevSecOps Modelling Language • VT - Verification Tool • Central DOML&IaC repositories and Runtime Controller • IEM - IaC Executor Manager • Canary Sandbox Environment tooling • Infrastructural Elements Catalogue • Infrastructure Advisor ○ Runtime monitoring (performance and security) ○ IOP - Infrastructure Optimization Platform Everything integrated together. PIACERE DevSecOps key elements
  • 12. 12 • Cloud-agnostic-able language. • Multiple layers of modelling and presentation. • Application modelling: components, connections, security, etc. • Infrastructure modelling: abstract (environment-agnostic) and concrete (environment-dependent). • Target IaC generation possible to multiple languages. • Modelling toolbox available in Eclipse IDE. DOML - DevSecOps Modelling Language Unified way of describing application and infrastructure in the Cloud, including security aspects such as rules and expectations.
  • 13. 13 • Static analysis of properties of DOML and the generated IaC. • Verifies correctness according to select criteria. • Ensures the IaC and used components are free of known vulnerabilities and follow best security practices. VT - Verification Tool Unsure if your model satisfies expectations? Refer to the Verification Tool of PIACERE. (And it will make sure you don’t forget the Security part).
  • 14. 14 • Single-flow operations: push to the repository and get your deployment updated. • Single source of truth - everything your infrastructure needs in one place. • Simplified and streamlined access control - control access via repository permissions. • Runtime Controller based on BPMN (Business Process Model and Notation) - an extensible vernacular. Central DOML&IaC repositories and Runtime Controller One ring source to rule them all - Your deployments.
  • 15. 15 • Execution of IaC. • Understands the deployed infrastructure. • Support for reconfiguration and scaling. • Fully-automatic deployment to chosen Canary Environment and target infrastructure. • Secure use of credentials to the target environments. IEM - IaC Executor Manager PIACERE is your smart, autonomic DevSecOps go-to product.
  • 16. 16 • Two main tools: ○ Provisioner - deployment of select environments (OpenStack, Kubernetes) in an opinionated way. ○ Mocklord - mocked APIs of selected cloud providers. • Ability to test dynamic aspects of the deployment in a controlled, sandbox environment, including relevance, reliability and security tests. Canary Sandbox Environment tooling PIACERE offers secure sandbox environment provisioning to help You test Your deployments.
  • 17. 17 • Central storage of local PIACERE knowledge. • Answers the questions what providers are available and what their offers are. But it does not stop there! • It stores the historic characteristics of the offers and their current usage along with any alarms (based on metrics and events from Infrastructure Advisor). Infrastructural Elements Catalogue PIACERE is your smart, autonomic DevSecOps go-to product.
  • 18. 18 • Collects metrics and events related to performance and security. • Infrastructure-side deployed during IEM run. • Self-learning and self-healing included. • IOP - Optimization of the infrastructure based on collected metrics. • Integration with Infrastructure Elements Catalogue to select best available options. • Optimizes the trade-off of cost, performance, availability etc. • Machine-learning-based optimization algorithms. Infrastructure Advisor Runtime monitoring (performance and security) & IOP - Infrastructure Optimization Platform PIACERE optimizes Your infrastructure from DevSecOps process.
  • 19. Get more info from our social media Stay in touch with us www.piacere-project.eu