Friday, May 19, 2017

Building security into the DevOps life cycle

A new eBook I wrote for my company has just been published. Download a copy from the company website.



The primary goal when breaking the build in the CI/CD DevOps life cycle is to treat security issues with the same level of importance as quality and business requirements. If quality or security tests fail, the continuous integration server breaks the build. When the build breaks, the CI/CD pipeline also breaks. Based on the reason for the broken build, appropriate activities such as architecture risk analysis (ARA), threat modeling, or a manual code review are triggered.
This eBook provides actionable insight into:

  •  Building security into your DevOps SDLC 
  • Understanding the relationship between security and quality in the CI/CD pipeline 
  • Coordinating various teams to ensure that the process is well defined, tools are properly configured, and developers are ready to resolve issues when the build breaks
Download the eBook from here: