SlideShare a Scribd company logo

Vulnerability Testing in the Cloud by dint of DevSecOps

O
Owen Byrne

devopsdays Galway, November 2017

Technology
1 of 20
Vulnerability Testing in the Cloud by dint of DevSecOps Owen Byrne Cisco dCloud obyrne@cisco.com https://www.linkedin.com/in/owen-byrne/ @owbyrne devopsdays Galway 2017
Our journey begins..
Enabled by some great OpenSource tools…
Cloud ‘Authorisation to Operate’ (CATO)
Conundrum
Security? Not my job!
• CD model means deployed code is constantly changing • Security Tools vary in: • Skill level to operate (developer friendly, automation possible?) • Coverage (gaps & detection – false positives/negatives) • Varied output formats (JSON, XML, Unstructured, But…Security Testing is Hard
OpenSource: https://norad.gitlab.io/ License: Apache 2 8
Enabling DevSecOps
• Ability to plug in new, home-grown tests & 3rd party tools quickly • Docker images containing preconfigured tools to scan for a specific type of vulnerability Containerised Security Tests
How Norad Works Cust omer Cl oud NORAD Cisco Confidential
Centralised Results
Pipeline Integration
Python (boto) AWS CLIAWS Console Powershell Tools Cloud Module Cloudformation BUT…many other ways to create Infra… AutoScaling
“You can think of CloudWatch Events as the central nervous system for your AWS environment. It is wired in to every nook and cranny of the supported services, and becomes aware of operational changes as they happen. Then, driven by your rules, it activates functions and sends messages (activating muscles, if you will) to respond to the environment, making changes, capturing state information, or taking corrective action.” AWS CloudWatch Events
“AWS Lambda is a compute service that lets you run code without provisioning or managing servers” “…use AWS Lambda to run your code in response to events” AWS Lambda
Stitching Things Together
Continuous Compliance with Lambda Based on: https://github.com/awslabs/aws-security- benchmark Config Check Rule evaluated every 24hours
When SecOps show up to the meeting http://devopsreactions.tumblr.com/post/142837211682/when-secops-shows-up-to-the-meeting
Thank You!

Recommended

Practical Approaches to Container Security
Practical Approaches to Container SecurityPractical Approaches to Container Security
Practical Approaches to Container SecurityShea Stewart
 
The Future of Security and Productivity in Our Newly Remote World
The Future of Security and Productivity in Our Newly Remote WorldThe Future of Security and Productivity in Our Newly Remote World
The Future of Security and Productivity in Our Newly Remote WorldDevOps.com
 
Play 2 Java Framework with TDD
Play 2 Java Framework with TDDPlay 2 Java Framework with TDD
Play 2 Java Framework with TDDBasav Nagur
 
Docker container security
Docker container securityDocker container security
Docker container securityThoughtworks
 
DEVNET-1169 CI/CT/CD on a Micro Services Applications using Docker, Salt & Ni...
DEVNET-1169 CI/CT/CD on a Micro Services Applications using Docker, Salt & Ni...DEVNET-1169 CI/CT/CD on a Micro Services Applications using Docker, Salt & Ni...
DEVNET-1169 CI/CT/CD on a Micro Services Applications using Docker, Salt & Ni...Cisco DevNet
 
Faster safer and 100 user centric application at equifax with docker
Faster safer and 100 user centric application at equifax with dockerFaster safer and 100 user centric application at equifax with docker
Faster safer and 100 user centric application at equifax with dockerDocker, Inc.
 
Docker crash course
Docker crash courseDocker crash course
Docker crash courseVishwas N
 
Continuous Security Testing with Devops - OWASP EU 2014
Continuous Security Testing with Devops - OWASP EU 2014Continuous Security Testing with Devops - OWASP EU 2014
Continuous Security Testing with Devops - OWASP EU 2014Stephen de Vries
 

Recommended

Practical Approaches to Container Security
Practical Approaches to Container SecurityPractical Approaches to Container Security
Practical Approaches to Container SecurityShea Stewart
 
The Future of Security and Productivity in Our Newly Remote World
The Future of Security and Productivity in Our Newly Remote WorldThe Future of Security and Productivity in Our Newly Remote World
The Future of Security and Productivity in Our Newly Remote WorldDevOps.com
 
Play 2 Java Framework with TDD
Play 2 Java Framework with TDDPlay 2 Java Framework with TDD
Play 2 Java Framework with TDDBasav Nagur
 
Docker container security
Docker container securityDocker container security
Docker container securityThoughtworks
 
DEVNET-1169 CI/CT/CD on a Micro Services Applications using Docker, Salt & Ni...
DEVNET-1169 CI/CT/CD on a Micro Services Applications using Docker, Salt & Ni...DEVNET-1169 CI/CT/CD on a Micro Services Applications using Docker, Salt & Ni...
DEVNET-1169 CI/CT/CD on a Micro Services Applications using Docker, Salt & Ni...Cisco DevNet
 
Faster safer and 100 user centric application at equifax with docker
Faster safer and 100 user centric application at equifax with dockerFaster safer and 100 user centric application at equifax with docker
Faster safer and 100 user centric application at equifax with dockerDocker, Inc.
 
Docker crash course
Docker crash courseDocker crash course
Docker crash courseVishwas N
 
Continuous Security Testing with Devops - OWASP EU 2014
Continuous Security Testing with Devops - OWASP EU 2014Continuous Security Testing with Devops - OWASP EU 2014
Continuous Security Testing with Devops - OWASP EU 2014Stephen de Vries
 
Infrastructure as Code with Ansible
Infrastructure as Code with AnsibleInfrastructure as Code with Ansible
Infrastructure as Code with AnsibleDaniel Bezerra
 
Pulumi iac on gcp
Pulumi iac on gcpPulumi iac on gcp
Pulumi iac on gcpVishwas N
 
Building Top-Notch Androids SDKs
Building Top-Notch Androids SDKsBuilding Top-Notch Androids SDKs
Building Top-Notch Androids SDKsrelayr
 
DevSecCon Tel Aviv 2018 - Integrated Security Testing by Morgan Roman
DevSecCon Tel Aviv 2018 - Integrated Security Testing by Morgan RomanDevSecCon Tel Aviv 2018 - Integrated Security Testing by Morgan Roman
DevSecCon Tel Aviv 2018 - Integrated Security Testing by Morgan RomanDevSecCon
 
Test Automation Workshop with BDD Approach
Test Automation Workshop with BDD ApproachTest Automation Workshop with BDD Approach
Test Automation Workshop with BDD Approachkloia
 
5 patterns for success for application transformation
5 patterns for success for application transformation5 patterns for success for application transformation
5 patterns for success for application transformationDocker, Inc.
 
Hacking into your containers, and how to stop it!
Hacking into your containers, and how to stop it!Hacking into your containers, and how to stop it!
Hacking into your containers, and how to stop it!Eric Smalling
 
Know What’s in Your Containers! Manage and Secure all Open Source that Compos...
Know What’s in Your Containers! Manage and Secure all Open Source that Compos...Know What’s in Your Containers! Manage and Secure all Open Source that Compos...
Know What’s in Your Containers! Manage and Secure all Open Source that Compos...DevOps.com
 
Secure Substrate: Least Privilege Container Deployment
Secure Substrate: Least Privilege Container Deployment Secure Substrate: Least Privilege Container Deployment
Secure Substrate: Least Privilege Container Deployment Docker, Inc.
 
Jenkins Overview
Jenkins OverviewJenkins Overview
Jenkins OverviewAhmed M. Gomaa
 
DockerCon EU 2015: Official Repos and Project Nautilus
DockerCon EU 2015: Official Repos and Project NautilusDockerCon EU 2015: Official Repos and Project Nautilus
DockerCon EU 2015: Official Repos and Project NautilusDocker, Inc.
 
All Things Open 2017: How to Treat a Network as a Container
All Things Open 2017: How to Treat a Network as a ContainerAll Things Open 2017: How to Treat a Network as a Container
All Things Open 2017: How to Treat a Network as a ContainerRosemary Wang
 
Build & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSBuild & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSDocker, Inc.
 
ScriptRock Overview
ScriptRock OverviewScriptRock Overview
ScriptRock OverviewCloudCheckr
 
Introduction to Containers & Diving a little deeper into the benefits of Con...
Introduction to Containers & Diving a little deeper into the benefits of Con... Introduction to Containers & Diving a little deeper into the benefits of Con...
Introduction to Containers & Diving a little deeper into the benefits of Con...Synergetics Learning and Cloud Consulting
 
Javantura v4 - Test-driven documentation with Spring REST Docs - Danijel Mitar
Javantura v4 - Test-driven documentation with Spring REST Docs - Danijel MitarJavantura v4 - Test-driven documentation with Spring REST Docs - Danijel Mitar
Javantura v4 - Test-driven documentation with Spring REST Docs - Danijel MitarHUJAK - Hrvatska udruga Java korisnika / Croatian Java User Association
 
Docker Security - Secure Container Deployment on Linux
Docker Security - Secure Container Deployment on LinuxDocker Security - Secure Container Deployment on Linux
Docker Security - Secure Container Deployment on LinuxMichael Boelen
 
Onnx and onnx runtime
Onnx and onnx runtimeOnnx and onnx runtime
Onnx and onnx runtimeVishwas N
 
From Zero to Hero: Continuous Container Security in 4 Simple Steps
From Zero to Hero: Continuous Container Security in 4 Simple StepsFrom Zero to Hero: Continuous Container Security in 4 Simple Steps
From Zero to Hero: Continuous Container Security in 4 Simple StepsDevOps.com
 
DockerCon SF 2015: Docker at Lyft
DockerCon SF 2015: Docker at LyftDockerCon SF 2015: Docker at Lyft
DockerCon SF 2015: Docker at LyftDocker, Inc.
 
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsDevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsAmazon Web Services
 
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsDevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsAmazon Web Services
 

More Related Content

What's hot

Infrastructure as Code with Ansible
Infrastructure as Code with AnsibleInfrastructure as Code with Ansible
Infrastructure as Code with AnsibleDaniel Bezerra
 
Pulumi iac on gcp
Pulumi iac on gcpPulumi iac on gcp
Pulumi iac on gcpVishwas N
 
Building Top-Notch Androids SDKs
Building Top-Notch Androids SDKsBuilding Top-Notch Androids SDKs
Building Top-Notch Androids SDKsrelayr
 
DevSecCon Tel Aviv 2018 - Integrated Security Testing by Morgan Roman
DevSecCon Tel Aviv 2018 - Integrated Security Testing by Morgan RomanDevSecCon Tel Aviv 2018 - Integrated Security Testing by Morgan Roman
DevSecCon Tel Aviv 2018 - Integrated Security Testing by Morgan RomanDevSecCon
 
Test Automation Workshop with BDD Approach
Test Automation Workshop with BDD ApproachTest Automation Workshop with BDD Approach
Test Automation Workshop with BDD Approachkloia
 
5 patterns for success for application transformation
5 patterns for success for application transformation5 patterns for success for application transformation
5 patterns for success for application transformationDocker, Inc.
 
Hacking into your containers, and how to stop it!
Hacking into your containers, and how to stop it!Hacking into your containers, and how to stop it!
Hacking into your containers, and how to stop it!Eric Smalling
 
Know What’s in Your Containers! Manage and Secure all Open Source that Compos...
Know What’s in Your Containers! Manage and Secure all Open Source that Compos...Know What’s in Your Containers! Manage and Secure all Open Source that Compos...
Know What’s in Your Containers! Manage and Secure all Open Source that Compos...DevOps.com
 
Secure Substrate: Least Privilege Container Deployment
Secure Substrate: Least Privilege Container Deployment Secure Substrate: Least Privilege Container Deployment
Secure Substrate: Least Privilege Container Deployment Docker, Inc.
 
DockerCon EU 2015: Official Repos and Project Nautilus
DockerCon EU 2015: Official Repos and Project NautilusDockerCon EU 2015: Official Repos and Project Nautilus
DockerCon EU 2015: Official Repos and Project NautilusDocker, Inc.
 
All Things Open 2017: How to Treat a Network as a Container
All Things Open 2017: How to Treat a Network as a ContainerAll Things Open 2017: How to Treat a Network as a Container
All Things Open 2017: How to Treat a Network as a ContainerRosemary Wang
 
Build & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSBuild & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSDocker, Inc.
 
ScriptRock Overview
ScriptRock OverviewScriptRock Overview
ScriptRock OverviewCloudCheckr
 
Introduction to Containers & Diving a little deeper into the benefits of Con...
Introduction to Containers & Diving a little deeper into the benefits of Con... Introduction to Containers & Diving a little deeper into the benefits of Con...
Introduction to Containers & Diving a little deeper into the benefits of Con...Synergetics Learning and Cloud Consulting
 
Docker Security - Secure Container Deployment on Linux
Docker Security - Secure Container Deployment on LinuxDocker Security - Secure Container Deployment on Linux
Docker Security - Secure Container Deployment on LinuxMichael Boelen
 
Onnx and onnx runtime
Onnx and onnx runtimeOnnx and onnx runtime
Onnx and onnx runtimeVishwas N
 
From Zero to Hero: Continuous Container Security in 4 Simple Steps
From Zero to Hero: Continuous Container Security in 4 Simple StepsFrom Zero to Hero: Continuous Container Security in 4 Simple Steps
From Zero to Hero: Continuous Container Security in 4 Simple StepsDevOps.com
 
DockerCon SF 2015: Docker at Lyft
DockerCon SF 2015: Docker at LyftDockerCon SF 2015: Docker at Lyft
DockerCon SF 2015: Docker at LyftDocker, Inc.
 

What's hot (20)

Infrastructure as Code with Ansible
Infrastructure as Code with AnsibleInfrastructure as Code with Ansible
Infrastructure as Code with Ansible
 
Pulumi iac on gcp
Pulumi iac on gcpPulumi iac on gcp
Pulumi iac on gcp
 
Building Top-Notch Androids SDKs
Building Top-Notch Androids SDKsBuilding Top-Notch Androids SDKs
Building Top-Notch Androids SDKs
 
DevSecCon Tel Aviv 2018 - Integrated Security Testing by Morgan Roman
DevSecCon Tel Aviv 2018 - Integrated Security Testing by Morgan RomanDevSecCon Tel Aviv 2018 - Integrated Security Testing by Morgan Roman
DevSecCon Tel Aviv 2018 - Integrated Security Testing by Morgan Roman
 
Test Automation Workshop with BDD Approach
Test Automation Workshop with BDD ApproachTest Automation Workshop with BDD Approach
Test Automation Workshop with BDD Approach
 
5 patterns for success for application transformation
5 patterns for success for application transformation5 patterns for success for application transformation
5 patterns for success for application transformation
 
Hacking into your containers, and how to stop it!
Hacking into your containers, and how to stop it!Hacking into your containers, and how to stop it!
Hacking into your containers, and how to stop it!
 
Know What’s in Your Containers! Manage and Secure all Open Source that Compos...
Know What’s in Your Containers! Manage and Secure all Open Source that Compos...Know What’s in Your Containers! Manage and Secure all Open Source that Compos...
Know What’s in Your Containers! Manage and Secure all Open Source that Compos...
 
Secure Substrate: Least Privilege Container Deployment
Secure Substrate: Least Privilege Container Deployment Secure Substrate: Least Privilege Container Deployment
Secure Substrate: Least Privilege Container Deployment
 
Jenkins Overview
Jenkins OverviewJenkins Overview
Jenkins Overview
 
DockerCon EU 2015: Official Repos and Project Nautilus
DockerCon EU 2015: Official Repos and Project NautilusDockerCon EU 2015: Official Repos and Project Nautilus
DockerCon EU 2015: Official Repos and Project Nautilus
 
All Things Open 2017: How to Treat a Network as a Container
All Things Open 2017: How to Treat a Network as a ContainerAll Things Open 2017: How to Treat a Network as a Container
All Things Open 2017: How to Treat a Network as a Container
 
Build & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSBuild & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWS
 
ScriptRock Overview
ScriptRock OverviewScriptRock Overview
ScriptRock Overview
 
Introduction to Containers & Diving a little deeper into the benefits of Con...
Introduction to Containers & Diving a little deeper into the benefits of Con... Introduction to Containers & Diving a little deeper into the benefits of Con...
Introduction to Containers & Diving a little deeper into the benefits of Con...
 
Javantura v4 - Test-driven documentation with Spring REST Docs - Danijel Mitar
Javantura v4 - Test-driven documentation with Spring REST Docs - Danijel MitarJavantura v4 - Test-driven documentation with Spring REST Docs - Danijel Mitar
Javantura v4 - Test-driven documentation with Spring REST Docs - Danijel Mitar
 
Docker Security - Secure Container Deployment on Linux
Docker Security - Secure Container Deployment on LinuxDocker Security - Secure Container Deployment on Linux
Docker Security - Secure Container Deployment on Linux
 
Onnx and onnx runtime
Onnx and onnx runtimeOnnx and onnx runtime
Onnx and onnx runtime
 
From Zero to Hero: Continuous Container Security in 4 Simple Steps
From Zero to Hero: Continuous Container Security in 4 Simple StepsFrom Zero to Hero: Continuous Container Security in 4 Simple Steps
From Zero to Hero: Continuous Container Security in 4 Simple Steps
 
DockerCon SF 2015: Docker at Lyft
DockerCon SF 2015: Docker at LyftDockerCon SF 2015: Docker at Lyft
DockerCon SF 2015: Docker at Lyft
 

Similar to Vulnerability Testing in the Cloud by dint of DevSecOps

DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsDevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsAmazon Web Services
 
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsDevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsAmazon Web Services
 
Announcing AWS CodeBuild - January 2017 Online Teck Talks
Announcing AWS CodeBuild - January 2017 Online Teck TalksAnnouncing AWS CodeBuild - January 2017 Online Teck Talks
Announcing AWS CodeBuild - January 2017 Online Teck TalksAmazon Web Services
 
Docker OpenStack - 3/27/2014
Docker OpenStack - 3/27/2014Docker OpenStack - 3/27/2014
Docker OpenStack - 3/27/2014Erica Windisch
 
Let's banish "it works on my machine"
Let's banish "it works on my machine"Let's banish "it works on my machine"
Let's banish "it works on my machine"Stephanie Locke
 
Continuous Delivery With Selenium Grid And Docker
Continuous Delivery With Selenium Grid And DockerContinuous Delivery With Selenium Grid And Docker
Continuous Delivery With Selenium Grid And DockerBarbara Gonzalez
 
10 Reasons Your Software Sucks 2014 - Tax Day Edition!
10 Reasons Your Software Sucks 2014 - Tax Day Edition!10 Reasons Your Software Sucks 2014 - Tax Day Edition!
10 Reasons Your Software Sucks 2014 - Tax Day Edition!Caleb Jenkins
 
Secure Your Code Implement DevSecOps in Azure
Secure Your Code Implement DevSecOps in AzureSecure Your Code Implement DevSecOps in Azure
Secure Your Code Implement DevSecOps in Azurekloia
 
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsDevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsAmazon Web Services
 
DevSecOps with Confidence
DevSecOps with ConfidenceDevSecOps with Confidence
DevSecOps with ConfidenceVMware Tanzu
 
9 - Making Sense of Containers in the Microsoft Cloud
9 - Making Sense of Containers in the Microsoft Cloud9 - Making Sense of Containers in the Microsoft Cloud
9 - Making Sense of Containers in the Microsoft CloudKangaroot
 
DevSecOps: Security With DevOps
DevSecOps: Security With DevOpsDevSecOps: Security With DevOps
DevSecOps: Security With DevOpsKnoldus Inc.
 
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsDevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsAmazon Web Services
 
Security as Code: DOES15
Security as Code: DOES15Security as Code: DOES15
Security as Code: DOES15Ed Bellis
 
Machine Learning , Analytics & Cyber Security the Next Level Threat Analytics...
Machine Learning , Analytics & Cyber Security the Next Level Threat Analytics...Machine Learning , Analytics & Cyber Security the Next Level Threat Analytics...
Machine Learning , Analytics & Cyber Security the Next Level Threat Analytics...PranavPatil822557
 
Shifting security to the left with kubernetes, azure, and istio
Shifting security to the left with kubernetes, azure, and istioShifting security to the left with kubernetes, azure, and istio
Shifting security to the left with kubernetes, azure, and istioChristian Melendez
 
Continuous Deployment with Amazon Web Services
Continuous Deployment with Amazon Web ServicesContinuous Deployment with Amazon Web Services
Continuous Deployment with Amazon Web ServicesJulien SIMON
 

Similar to Vulnerability Testing in the Cloud by dint of DevSecOps (20)

DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsDevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
 
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsDevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
 
Announcing AWS CodeBuild - January 2017 Online Teck Talks
Announcing AWS CodeBuild - January 2017 Online Teck TalksAnnouncing AWS CodeBuild - January 2017 Online Teck Talks
Announcing AWS CodeBuild - January 2017 Online Teck Talks
 
Docker OpenStack - 3/27/2014
Docker OpenStack - 3/27/2014Docker OpenStack - 3/27/2014
Docker OpenStack - 3/27/2014
 
Let's banish "it works on my machine"
Let's banish "it works on my machine"Let's banish "it works on my machine"
Let's banish "it works on my machine"
 
Continuous Delivery With Selenium Grid And Docker
Continuous Delivery With Selenium Grid And DockerContinuous Delivery With Selenium Grid And Docker
Continuous Delivery With Selenium Grid And Docker
 
10 Reasons Your Software Sucks 2014 - Tax Day Edition!
10 Reasons Your Software Sucks 2014 - Tax Day Edition!10 Reasons Your Software Sucks 2014 - Tax Day Edition!
10 Reasons Your Software Sucks 2014 - Tax Day Edition!
 
Secure Your Code Implement DevSecOps in Azure
Secure Your Code Implement DevSecOps in AzureSecure Your Code Implement DevSecOps in Azure
Secure Your Code Implement DevSecOps in Azure
 
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsDevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
 
DevSecOps with Confidence
DevSecOps with ConfidenceDevSecOps with Confidence
DevSecOps with Confidence
 
9 - Making Sense of Containers in the Microsoft Cloud
9 - Making Sense of Containers in the Microsoft Cloud9 - Making Sense of Containers in the Microsoft Cloud
9 - Making Sense of Containers in the Microsoft Cloud
 
DevSecOps: Security With DevOps
DevSecOps: Security With DevOpsDevSecOps: Security With DevOps
DevSecOps: Security With DevOps
 
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsDevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
 
Osconorion
OsconorionOsconorion
Osconorion
 
Security as Code: DOES15
Security as Code: DOES15Security as Code: DOES15
Security as Code: DOES15
 
Machine Learning , Analytics & Cyber Security the Next Level Threat Analytics...
Machine Learning , Analytics & Cyber Security the Next Level Threat Analytics...Machine Learning , Analytics & Cyber Security the Next Level Threat Analytics...
Machine Learning , Analytics & Cyber Security the Next Level Threat Analytics...
 
DevOps on AWS
DevOps on AWSDevOps on AWS
DevOps on AWS
 
Shifting security to the left with kubernetes, azure, and istio
Shifting security to the left with kubernetes, azure, and istioShifting security to the left with kubernetes, azure, and istio
Shifting security to the left with kubernetes, azure, and istio
 
Continuous Deployment with Amazon Web Services
Continuous Deployment with Amazon Web ServicesContinuous Deployment with Amazon Web Services
Continuous Deployment with Amazon Web Services
 
Tour of Azure DevOps
Tour of Azure DevOpsTour of Azure DevOps
Tour of Azure DevOps
 

Recently uploaded

Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesZilliz
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfSeasiaInfotech2
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 

Recently uploaded (20)

Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector Databases
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 

Vulnerability Testing in the Cloud by dint of DevSecOps

Editor's Notes

  1. https://aws.amazon.com/blogs/aws/new-cloudwatch-events-track-and-respond-to-changes-to-your-aws-resources/
  2. http://docs.aws.amazon.com/lambda/latest/dg/welcome.html