Securing Your Application, Infrastructure, Environment Continuously Using DevSecOps

how to secure your application, infrastructure and environment

As we moved from traditional development to Agile and DevOps, it means increasing the frequency of deployment to production, but this business agility cannot come at the expense of security.

But can the current security practices keep up? Traditional security methods are not flexible enough to adapt to that change

So, it is important to move away from the mindset of security being a milestone. We must treat security as a continuously varying state.

So, in this case and with continuous delivery, how do you ensure your applications are secure and stay secure? How can you find and fix security issues early in the process?

This begins with practices commonly referred to as DevSecOps.

DevSecOps incorporates the security team and their capabilities into the DevOps practices making security a responsibility of everyone on the team.

This video will cover the following points:
Traditional Security Vs. DevSecOps (Rugged DevOps)
Security as a continuously varying state
Evolving DevOps
Continuous Practices & Shift Left
Security and Compliance within DevOps
What do we need to check for security?
Vulnerabilities overview
How do we check for security?
Overview about OWASP
High Overview of Secure DevOps Kit for Azure
How to run different types of security scan?
Azure Policy
Azure Policy and Release Management
Azure Blueprints
Microsoft Azure Security Centre
Automate Governance and Compliance
Continuous security validation within CI/CD pipeline
Passive penetration test VS. Active penetration test
Infrastructure validation and Security Scan
Track vulnerabilities


About the Author
----------------------------
Video:
   • Mohamed Radwan is a Principal DevOps Consu...  
Blog:
https://mohamedradwan.com
Linked-in
  / mohamedahmedradwan  
GitHub
https://github.com/DevOpsFounder
Twitter:
  / mradwan06  

#DevSecOps #DevOps #Security #Compliance #Validation