3. Kanban
India 2023
https://kanbanindia.org
ISC
Plan Code Build Package Publish Deploy Test
• Threat Modeling
• Secure coding training
• Secure access
• Scan
• Detect Secrets
• Unit Test
• Coverage
• Static code
analysis
• Secure configuration
• Secret management
• Image Scan
• Signing
• Sign verification
• SOD
• Network Isolation
• Infra Security
Jira@IBM
• SAST
• DAST
Introduction – DevSecOps Model
4. Kanban
India 2023
https://kanbanindia.org
Introduction- Alignment with Kanban
Workflow visualization
Improved team collaboration
Standardization with explicit policies
Continuous feedback loop
Experimentation with tools and
technologies
With this DevSecOps model adoption, accomplished
highly secured, rapidly deployable, & better-quality
applications.
In alignment with Kanban principles, gained:
7. Kanban
India 2023
https://kanbanindia.org
Salient Features
Polyglot
Supports different
programming platforms
Alerts
Immediate notifications through
multiple channels
Observability
Plug & Play
Quicker onboarding, Zero
interdependence
Monitoring & Tracing
Faster Deployments
Without Downtime
Pipeline Management
Configurable pipelines
Governance Multiple Layers Security
Improved governance &
controls
Code scan, vulnerability check
8. Kanban
India 2023
https://kanbanindia.org
One Team Model
• One-Team (Dev + Ops + L3)
• Self-Organized team
• Cross-Functional team
• Collective ownership
• Shared goals
• Integrated end to end visualized view
of Development & Operation
• One Backlog for Dev, Ops & L3
• Measure to improve rather than report
• Aligned governance to achieve goals
• E2E automation
• Cloud infra
• Security
• Non Functional requirements
Building a sustainable one-team culture is the primary objective
9. Kanban
India 2023
https://kanbanindia.org
Our Experimentation
SMALL AND
SPECIALIZED
DEVSECOPS
TEAMS
INCREMENTAL
DEVELOPMENT
CLOUD SERVICES:
CONTAINERIZED
MICROSERVICES
95% AUTOMATED
TESTS
ENVIRONMENT
SEGREGATION
WITH CLEAR SOD
FOR DEV, STAGE,
PROD
CI/CD PIPELINE
MANAGEMENT:
ONE CLICK TO
PRODUCTION
SECURITY AT
EVERY LAYER
CODE SCANNING
TO IAST TESTING
CONTINUOUS
FEEDBACK LOOPS
11. Kanban
India 2023
https://kanbanindia.org
Outcome
Total cycle time reduced from 4 weeks to 5 days
Individual service production deployment time – 2 to 3 mins
Zero Sev-1 incident reported
Zero security incident reported
One click deployment
On demand deployment
99.9% uptime
58% improvement in NPS
Quick self Introduction and IBM Sales Cloud program
Just listing
Just listing
Brief history on transformation with ISC - Narration
Multi CRM to single, Consolidation of numerous apps & tools, Simplified process with Account example.
Enterprise challenges with examples and solution description – Story for compliance and error management
Example for Data sources: Siloed, incompatible, context unawareness etc.
Salability : Business dynamics and market condition
Compliance story : Data privacy and confidentiality, FED, DACH, UK, Taiwan, GDPR etc.
Monitoring : Error management