book

Hands-On Security in DevOps

by Tony Hsiang-Chih Hsu

July 2018

Intermediate to advanced

356 pages

9h 18m

English

Packt Publishing

Read now

Unlock full access

Content preview from Hands-On Security in DevOps

DevSecOps for security management

Q: Are there any suggested industry best practices for secure development and deployment in DevOps?

The OWASP SAMM (Software Assurance Maturity Model), Microsoft Security Development Lifecycle (SDL) and the SafeCode provide practical security practices for the DevOps or agile development.

OWASP SAMM: https://github.com/OWASP/samm
Microsoft SDL for Agile: https://www.microsoft.com/en-us/SDL/Discover/sdlagile.aspx
SafeCode: https://safecode.org/publications/

Q: What are the security risks of a cloud service?

The CSA has defined the top threats to cloud computing on their website (https://cloudsecurityalliance.org/group/top-threats/), which are listed as follows:

Data Breaches
Insufficient identity, credential, ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Securing DevOps

Julien Vehent

Kubernetes Security

Liz Rice, Michael Hausenblas

Three Essentials for Agentic AI Security

Paolo Dal Cin, Daniel Kendzior, Yusof Seedat, Renato Marinho

Security Automation with Ansible 2

Akash Mahajan, MADHU AKULA

Publisher Resources

ISBN: 9781788995504Other