DevSecOps: What, Why and How?

Black Hat USA Las Vegas, NV, USA

Abstract

In a typical DevOps cycle, security is often added only towards the end. This talk covers how to integrate security into each phase of DevOps, from code commit to deployment, using freely available open-source tools.

We walk through a practical pipeline that includes SAST, DAST, dependency scanning, container security, and infrastructure-as-code auditing, all orchestrated via CI/CD. The goal: make security a first-class citizen in every sprint, not an afterthought bolted on at release time.


devsecops ci-cd supply-chain security-tools