DevOps and Application Security

•

3 gefällt mir•1,151 views

Shahee Mirza

DevOps is an opportunity to make security an integral part of application development.

Technologie

DevOps and Application Security
Shahee Mirza
Co-Founder : BEETLES
Twitter: @shaheemirza

Security is last task?
• Security Testing
• Firewall Configuration
• Source Code Analysis

Security Testing, Firewall configuration and
Code analysis – Takes time

But, How will I introduce DevOpsSec to my team?

Module 3: Make a culture of Self-
Learning about Security for Devs + QA.

Develop
Code
Commit
Source
Control
Build
Trigger
Tests
Deploy
to
ProductionDeploy
to Test
Env
Report
&
Notify
Publish to
release
repository
Automatic
security
test
SCA
Test
Security within Continuous Deployment

1. Make a plan for security
2. Educate your team
3. Integrate security into automatic build
process.

Weitere ähnliche Inhalte

Was ist angesagt?

Static Analysis Security Testing for Dummies... and YouKevin Fealey

DevSecOps: Minimizing Risk, Improving SecurityFranklin Mosley

Introduction to DevSecOpsAmazon Web Services

Web Application Security 101Jannis Kirschner

Security testing fundamentalsCygnet Infotech

Vulnerabilities in modern web applicationsNiyas Nazar

Introduction to Web Application Penetration TestingNetsparker

Secure coding practicesMohammed Danish Amber

Practical DevSecOps Course - Part 1Mohammed A. Imran

Pentesting Rest API's by :- Gaurang BhatnagarOWASP Delhi

Security Exploit of Business Logic Flaws, Business Logic AttacksMarco Morana

Web Application Security and AwarenessAbdul Rahman Sherzad

Introduction to Malware AnalysisAndrew McNicol

Top 10 Web Security Vulnerabilities (OWASP Top 10)Brian Huff

Secure code practicesHina Rawal

Introduction to Web Application Penetration TestingAnurag Srivastava

Security Testing.pptxosandadeshan

Software security testingnehabsairam

Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...Edureka!

2019 DevSecOps Reference ArchitecturesSonatype

Was ist angesagt? (20)

Static Analysis Security Testing for Dummies... and You

DevSecOps: Minimizing Risk, Improving Security

Introduction to DevSecOps

Web Application Security 101

Security testing fundamentals

Vulnerabilities in modern web applications

Introduction to Web Application Penetration Testing

Secure coding practices

Practical DevSecOps Course - Part 1

Pentesting Rest API's by :- Gaurang Bhatnagar

Security Exploit of Business Logic Flaws, Business Logic Attacks

Web Application Security and Awareness

Introduction to Malware Analysis

Top 10 Web Security Vulnerabilities (OWASP Top 10)

Secure code practices

Introduction to Web Application Penetration Testing

Security Testing.pptx

Software security testing

Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...

2019 DevSecOps Reference Architectures

Andere mochten auch

Responsible Disclosure Program: Why and HowShahee Mirza

Bug Bounty 101Shahee Mirza

A simple model of consumer behavior Md. Samid Razzak

Bug bounty programsDan Vasile

5 Tips to Successfully Running a Bug Bounty Programbugcrowd

Icebreaking how to break the ice and give an awesome presentationImtiaz alam

Case solving Tips shown in Brandwitz'15 RoadShowAkib Hasan Srabon

Sending a for ahuh. win32 exploit development old schoolNahidul Kibria

How to do well in Bug bounty programs. Presentation at @nullhyd by AbhijethAbhijeth D

A designer resumeMd. Samid Razzak

Bug Bounty for - BeginnersHimanshu Kumar Das

Brandwitz'14 biggest branding competition of the countryAyman Sadiq

10 Mind blowing facts about Greece's EconomyMd. Samid Razzak

10 Life Lessons by Bill GatesMd. Samid Razzak

Brandwitz'15 Semi Finals-Team 360 degreeAzizul Hasan

Team Dexters-Socio Camp SlidesMd. Samid Razzak

My Little Webap - DevOpsSec is MagicApollo Clark

What's My Security Policy Doing to My Help Desk w/ Chris SwanSonatype

Devops securityLogicaltrust pl

The Retail Enterprise - And the rise of the omni-present consumer Part 2Zensar Technologies Ltd.

Andere mochten auch (20)

Responsible Disclosure Program: Why and How

Bug Bounty 101

A simple model of consumer behavior

Bug bounty programs

5 Tips to Successfully Running a Bug Bounty Program

Icebreaking how to break the ice and give an awesome presentation

Case solving Tips shown in Brandwitz'15 RoadShow

Sending a for ahuh. win32 exploit development old school

How to do well in Bug bounty programs. Presentation at @nullhyd by Abhijeth

A designer resume

Bug Bounty for - Beginners

Brandwitz'14 biggest branding competition of the country

10 Mind blowing facts about Greece's Economy

10 Life Lessons by Bill Gates

Brandwitz'15 Semi Finals-Team 360 degree

Team Dexters-Socio Camp Slides

My Little Webap - DevOpsSec is Magic

What's My Security Policy Doing to My Help Desk w/ Chris Swan

Devops security

The Retail Enterprise - And the rise of the omni-present consumer Part 2

Ähnlich wie DevOps and Application Security

Scale security for a dollar or lessMohammed A. Imran

Strengthen and Scale Security Using DevSecOps - OWASP IndonesiaMohammed A. Imran

Strengthen and Scale Security for a dollar or lessMohammed A. Imran

Automating Security in Cloud Workloads with DevSecOpsAmazon Web Services

The Unlikely Couple, DevOps and Security. Can it work?Todd Benson (I.T. SPECIALIST and I.T. SECURITY)

Introduction to DevSecOps OWASP Ahmedabadkunwaratul hax0r

DevSecOps Basics with Azure Pipelines Abdul_Mujeeb

Time To Get Your DevOps E-Degree Now !!John Alex

DevSecOps - The big pictureDevSecOpsSg

DevSecOps - The big pictureStefan Streichsbier

Devops Engineer E-Degree In Just 3 MonthsJohn Alex

Introduction to DevOps Tools | DevOps Training | DevOps Tutorial for Beginner...Edureka!

JSCONF 2018 - Baking security into DevOps - a tale of hunting down bugs befor...Wouter Bloeyaert

Outpost24 webinar: Turning DevOps and security into DevSecOpsOutpost24

SecDevOps Risk Workflow - v0.6Dinis Cruz

DevOps to DevSecOps Journey..Siddharth Joshi

Outpost24 webinar - application security in a dev ops world-08-2018Outpost24

DevSecOps 實踐與 GitHub 進階安全: 建立安全的開發流程Duran Hsieh

Affordable app sec for startups by - Sandeep Singh, Vaibhav Gupta and Vishal ...OWASP Delhi

DevSecOps Integrating Security in to the DevOps LifecycleRobert Risch

Ähnlich wie DevOps and Application Security (20)

Scale security for a dollar or less

Strengthen and Scale Security Using DevSecOps - OWASP Indonesia

Strengthen and Scale Security for a dollar or less

Automating Security in Cloud Workloads with DevSecOps

The Unlikely Couple, DevOps and Security. Can it work?

Introduction to DevSecOps OWASP Ahmedabad

DevSecOps Basics with Azure Pipelines

Time To Get Your DevOps E-Degree Now !!

DevSecOps - The big picture

Devops Engineer E-Degree In Just 3 Months

Introduction to DevOps Tools | DevOps Training | DevOps Tutorial for Beginner...

JSCONF 2018 - Baking security into DevOps - a tale of hunting down bugs befor...

Outpost24 webinar: Turning DevOps and security into DevSecOps

SecDevOps Risk Workflow - v0.6

DevOps to DevSecOps Journey..

Outpost24 webinar - application security in a dev ops world-08-2018

DevSecOps 實踐與 GitHub 進階安全: 建立安全的開發流程

Affordable app sec for startups by - Sandeep Singh, Vaibhav Gupta and Vishal ...

DevSecOps Integrating Security in to the DevOps Lifecycle

Kürzlich hochgeladen

presentation ICT roal in 21st century educationjfdjdjcjdnsjd

Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer

A Year of the Servo Reboot: Where Are We Now?Igalia

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz

GenAI Risks & Security Meetup 01052024.pdflior mazor

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot

How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes

Automating Google Workspace (GWS) & more with Apps Scriptwesley chun

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood

2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong

DBX First Quarter 2024 Investor PresentationDropbox

FWD Group - Insurer Innovation Award 2024The Digital Insurer

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays

Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh

Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2

Corporate and higher education May webinar.pptxRustici Software

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays

Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1

Kürzlich hochgeladen (20)

presentation ICT roal in 21st century education

Axa Assurance Maroc - Insurer Innovation Award 2024

A Year of the Servo Reboot: Where Are We Now?

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...

GenAI Risks & Security Meetup 01052024.pdf

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

How to Troubleshoot Apps for the Modern Connected Worker

Automating Google Workspace (GWS) & more with Apps Script

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

2024: Domino Containers - The Next Step. News from the Domino Container commu...

DBX First Quarter 2024 Investor Presentation

FWD Group - Insurer Innovation Award 2024

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model

Exploring the Future Potential of AI-Enabled Smartphone Processors

Corporate and higher education May webinar.pptx

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

Boost Fertility New Invention Ups Success Rates.pdf