book

DevOps Tools for Java Developers

by Stephen Chin, Melissa McKay, Ixchel Ruiz, Baruch Sadogursky

April 2022

Intermediate to advanced

341 pages

9h 37m

English

O'Reilly Media, Inc.

Book available

Read now

Unlock full access

Conventions Used in This BookUsing Code ExamplesO’Reilly Online LearningHow to Contact UsAcknowledgments
DevOps Is a Concept Invented by the Ops SideExhibit 1: The Phoenix ProjectExhibit 2: The DevOps HandbookGoogle ItWhat Does It Do?State of the IndustryWhat Constitutes Work?If We’re Not About Deployment and Operations, Then Just What Is Our Job?Just What Constitutes “Done”?Rivalry?More Than Ever BeforeVolume and VelocityDone and DoneFloat Like a Butterfly…Integrity, Authentication, and AvailabilityFierce UrgencyThe Software Industry Has Fully Embraced DevOpsMaking It ManifestWe All Got the Message
Three Generations of Source Code ManagementChoosing Your Source ControlMaking Your First Pull RequestGit ToolsGit Command-Line BasicsGit Command-Line TutorialGit ClientsGit IDE IntegrationGit Collaboration Patternsgit-flowGitHub FlowGitLab FlowOneFlowTrunk-Based DevelopmentSummary
Understanding the ProblemThe History of ContainersWhy Containers?Intro to Container AnatomyDocker Architecture and the Container RuntimeDocker on Your MachineBasic Tagging and Image Version ManagementImage and Container LayersBest Image Build Practices and Container GotchasRespect the Docker Context and .dockerignore FileUse Trusted Base ImagesSpecify Package Versions and Keep Up with UpdatesKeep Your Images SmallBeware of External ResourcesProtect Your SecretsKnow Your OutputsSummary
Cloud ComputingMicroservicesAntipatternsDevOps and MicroservicesMicroservice FrameworksSpring BootMicronautQuarkusHelidonServerlessSetting UpSummary
Adopt Continuous IntegrationDeclaratively Script Your BuildBuild with Apache AntBuild with Apache MavenBuild with GradleContinuously BuildAutomate TestsMonitor and Maintain TestsSummary
Why Build-It-and-Ship-It Is Not EnoughIt’s All About MetadataKey Attributes of Insightful MetadataMetadata ConsiderationsDetermining the MetadataCapturing MetadataWriting the MetadataDependency Management Basics for Maven and GradleDependency Management with Apache MavenDependency Management with GradleDependency Management Basics for ContainersArtifact PublicationPublishing to Maven LocalPublishing to Maven CentralPublishing to Sonatype Nexus RepositoryPublishing to JFrog ArtifactorySummary
Supply Chain Security CompromisedSecurity from the Vendor PerspectiveSecurity from the Customer PerspectiveThe Full Impact GraphSecuring Your DevOps InfrastructureThe Rise of DevSecOpsThe Role of SREs in SecurityStatic and Dynamic Security AnalysisStatic Application Security TestingDynamic Application Security TestingComparing SAST and DASTInteractive Application Security TestingRuntime Application Self-ProtectionSAST, DAST, IAST, and RASP SummaryThe Common Vulnerability Scoring SystemCVSS Basic MetricsCVSS Temporal MetricsCVSS Environmental MetricsCVSS in PracticeScoping Security AnalysisTime to MarketMake or BuyOne-Time and Recurring EffortsHow Much Is Enough?Compliance Versus VulnerabilitiesVulnerabilities Can Be Combined into Different Attack VectorsVulnerabilities: Timeline from Inception Through Production FixTest Coverage Is Your Safety BeltQuality Gate MethodologyQuality Gate StrategiesFit with Project Management ProceduresImplementing Security with the Quality Gate MethodRisk Management in Quality GatesPractical Applications of Quality ManagementShift Security LeftNot All Clean Code Is Secure CodeEffects on SchedulingThe Right Contact PersonDealing with Technical DebtAdvanced Training on Secure CodingMilestones for QualityThe Attacker’s Point of ViewMethods of EvaluationBe Aware of ResponsibilitySummary
Building and Pushing Container ImagesManaging Container Images by Using JibBuilding Container Images with Eclipse JKubeDeploying to KubernetesLocal Setup for DeploymentGenerate Kubernetes Manifests by Using DekorateGenerate and Deploy Kubernetes Manifests with Eclipse JKubeChoose and Implement a Deployment StrategyManaging Workloads in KubernetesSetting Up Health ChecksAdjusting Resource QuotasWorking with Persistent Data CollectionsBest Practices for Monitoring, Logging, and TracingMonitoringLoggingTracingHigh Availability and Geographic DistributionHybrid and MultiCloud ArchitecturesSummary

Fast-Paced DevOps Workflows for MobileAndroid Device FragmentationAndroid OS FragmentationBuilding for Disparate ScreensHardware and 3D SupportContinuous Testing on Parallel DevicesBuilding a Device FarmMobile Pipelines in the CloudPlanning a Device-Testing StrategySummary
Why Everyone Needs Continuous UpdatesUser Expectations on Continuous UpdatesSecurity Vulnerabilities Are the New Oil SpillsGetting Users to UpdateCase Study: Java Six-Month Release CadenceCase Study: iOS App StoreContinuous UptimeCase Study: CloudflareThe Hidden Cost of Manual UpdatesCase Study: Knight CapitalContinuous Update Best Practices

Content preview from DevOps Tools for Java Developers

Chapter 7. Securing Your Binaries

Sven Ruppert

Stephen Chin

Data is the pollution problem of the information age, and protecting privacy is the environmental challenge.

Bruce Schneier, Data and Goliath

Software security is a critical part of any comprehensive DevOps rollout. New breaches uncovered in the past year have called attention to the consequences of weak software security, and have prompted the creation of new government security regulations. The impact of meeting these new regulations spans across the entire software lifecycle, from development through production. As a result, DevSecOps is something that every software developer and DevOps professional needs to understand.

In this chapter, you will learn how to evaluate your product and organizational risk for security vulnerabilities. We will also cover static and dynamic techniques for security testing, and scoring techniques for risk assessment.

Regardless of your role, you will be better prepared to help secure your organization’s software delivery lifecycle. But first let’s look deeper into what happens if you don’t have a focus on security and take steps to secure your software supply chain.

Supply Chain Security Compromised

It started in early December 2020, when FireEye noticed that it had become a victim of a cyberattack, which is remarkable because the company itself specializes in detecting and fending off cyberattacks. Internal analysis showed that the attackers managed to steal FireEye internal tools, ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Microservices with Spring Boot and Spring Cloud - Second Edition

Publisher Resources

ISBN: 9781492084013Errata Page Supplemental Content

DevOps Tools for Java Developers

by Stephen Chin, Melissa McKay, Ixchel Ruiz, Baruch Sadogursky

Chapter 7. Securing Your Binaries

Supply Chain Security Compromised

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

You might also like

Microservices with Spring Boot and Spring Cloud - Second Edition

Hands-On Microservices with Spring Boot and Spring Cloud

Spring Boot Persistence Best Practices: Optimize Java Persistence Performance in Spring Boot Applications

Modern API Development with Spring and Spring Boot

Publisher Resources

Chapter 7. Securing Your Binaries

Supply Chain Security Compromised

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,and much more.

You might also like

Microservices with Spring Boot and Spring Cloud - Second Edition

Hands-On Microservices with Spring Boot and Spring Cloud

Spring Boot Persistence Best Practices: Optimize Java Persistence Performance in Spring Boot Applications

Modern API Development with Spring and Spring Boot

Publisher Resources

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.