July 2018
Intermediate to advanced
356 pages
9h 18m
English
Content preview from Hands-On Security in DevOps
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Issue management
Issue management here means how security incidents, vulnerability issues, or security breaches are handled. There should be a vulnerability process in place that involves both the DevOps and Dev team.
In an organization-level security assurance program, it's a must to define security incident and vulnerability response processes and also root cause analysis templates. NIST SP800-61 is a good reference for an organization to establish a security incident response process. It defines an incident handling action checklist in three stages. They are Detection and Analysis; Containment, Eradication, and Recovery, and Post-Incident Activity.
The table lists typical security activities during a security incident handling cycle: