From Devops to DevSecOps - Bruno Amaro Almeida - NDC Oslo 2020

From Devops to DevSecOps - Bruno Amaro Almeida - NDC Oslo 2020

Are you happy with your current Security practices? Is your company moving towards a DevSecOps culture? In this talk we will learn about how establishing a Threat Modelling process can help you move from DevOps towards DevSecOps.Threat Modelling is a proven and effective process that can be applied to any project and teams of different sizes. It will help you to identify potential threats (blind spots) from an attacker’s point of view and translate those into new items to your backlog.

Security is a crucial part of Engineering projects but is often disregarded as something to be added later. One reason behind that is the lack of knowledge about practices to enable a transformation. We can no longer rely on Infosec departments to get involved in a later phase and help to improve the system security. It needs to be considered from the get-go by the same people creating and developing the system as a basic element (similar to the infrastructure, CI/CD, etc).

Where can we start? How can security be included in a project day to day?

In this talk we will learn about how establishing a Threat Modelling process can help you move from DevOps towards DevSecOps.

Threat Modelling is a proven and effective process that can be applied to any project and teams of different sizes. It will help you to identify potential threats (blind spots) from an attacker’s point of view and translate those into new items to your backlog.

In addition to the enhanced security, your project will gain better technical documentation and your team becomes more engaged with a better understanding of the big picture and the project business requirements.

devsecops devops ci/cd

Bootstrap 5 Complete Course with Examples

Bootstrap 5 Tutorial - Bootstrap 5 Crash Course for Beginners

Nest.JS Tutorial for Beginners

Hello Vue 3: A First Look at Vue 3 and the Composition API

Building a simple Applications with Vue 3

Deno Crash Course: Explore Deno and Create a full REST API with Deno

How to Build a Real-time Chat App with Deno and WebSockets

Convert HTML to Markdown Online

HTML entity encoder decoder Online

Serverless CI/CD on the AWS Cloud

To set up a serverless CI/CD pipeline in your AWS environments, there are several key services that you need to use. Find out more here.

How To Setup a CI/CD Pipeline With Kubernetes 2020 - DZone DevOps

This article gives direction to getting your CI/CD pipeline up and running on the Kubernetes cluster by the GitLab CICD pipeline.

Travis CI vs Jenkins: Which CI/CD Tool Is Right For You?

The ultimate showdown between Travis CI vs Jenkins. Check out this guide to know who wins the race! Travis CI and Jenkins are both popular CI/CD tools and were launched in the same year i.e. 2011. As of July 2020, Jenkins has been the more obvious choice as CI/CD tool with 15.9k stars & 6.3k forks, in comparison to TravisCI which has 8k stars & 756 forks. However, these numbers alone don’t imply which CI/CD tool is more suitable for your upcoming or existing project. Jenkins is an open-source & Travis CI is free for open-source projects.

DevOps Event for CI/CD, Serverless and Kubernetes

DevOps Events Includes various tracks CI/CD, Cloud-Native Infrastructure, DevSecOps, Cultural Transformations, and SRE

How to Extend your DevOps Strategy For Success in the Cloud?

DevOps and Cloud computing are joined at the hip, now that fact is well appreciated by the organizations that engaged in SaaS cloud and developed applications in the Cloud. During the COVID crisis period, most of the organizations have started using cloud computing services and implementing a cloud-first strategy to establish their remote operations. Similarly, the extended DevOps strategy will make the development process more agile with automated test cases.