Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

DevSecOps March 2018 - Extract


Published on

Elements to consider for practicing DevSecOps.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

DevSecOps March 2018 - Extract

  1. 1. Dev Workstation Build Server Centralize Report (Vulnerability Management) Server SCM Static Code Analysis (SAST) Dynamic Testing (DAST) Interactive Testing (IAST) Open Source Component Security Manual Penetration Testing – Out of Band Scope: Application and Network layer – White/Black box Defect Management AUTOMATION INTEGRATION POINTS SECURITYASSURANCEMODEL Legend Black Box: Development Stack Blue Box: Automation - Integration Red Box: Security Tools and Controls Infrastructure Scanning