Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

DevSecOps Pipeline - Example (Not just Tools)


Published on

Typically a lot of organisations focuses on tools to factor into the Pipeline. However the Security Assurance approach is just as important if not more. So throwing this diagram out to spark discussions. Discuss :-)

Published in: Technology
  • Be the first to comment

  • Be the first to like this

DevSecOps Pipeline - Example (Not just Tools)

  1. 1. IDE Static Code Analysis SCM Dynamic Analysis Open Source Software Security Security Testing Framework Binary Repository Define Security Test Cases Threat Modeling Security Standards Automation Tools: Passing Criteria Risk Management Out of Band Security Testing Security Champions DevSecOps Engineer Security Audit Artifacts CI Build Server DevSecOps – Tooling & Assurance Examples (Shift Left) curl nmap sslyze sqlmap Interactive Testing Reporting Dashboard Infrastructure Assurance Threat Modeling