23Protecting the Deployment Pipeline
Throughout this chapter we will look at how to protect our deployment pipeline, as well as how to acheive security and compliance objectives in our control environment, including change management and separation of duty.
INTEGRATE SECURITY AND COMPLIANCE INTO CHANGE APPROVAL PROCESSES
Almost any IT organization of any significant size will have existing change management processes, which are the primary controls to reduce operations and security risks. Compliance manager and security managers place reliance on change management processes for compliance requirements, and they typically require evidence that all changes have been appropriately authorized.
If we have constructed our deployment pipeline correctly ...
Get The DevOps Handbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.