SlideShare a Scribd company logo

DSOMM

Download as PPTX, PDF
P
penetration Tester

DSOMM

Education
1 of 6
DSOMM DevSecOps Maturity Model
DSOMM • The DevSecOps Maturity Model (DSOMM), shows security measures which are applied when using DevOps strategies and how these can be prioritized. With the help of DevOps strategies security can also be enhanced • For example, each component such as application libraries and operating system libraries in docker images can be tested for known vulnerabilities
• Implementation Levels in DSOMM are • Level 1: Basic understanding of security practices • Level 2: Adoption of basic security practices • Level 3: High adoption of security practices • Level 4: Advanced deployment of security practices at scale
• There are four main evaluation criteria in DSOMM:  Static depth — How comprehensive the static code scan that you are performing within the AppSec CI pipeline is.  Dynamic depth — How comprehensive the dynamic scan that is being run within the AppSec CI pipeline is.  Intensity - Your schedule frequency for the security scans running in AppSec CI pipeline.  Consolidation — Your remediation workflow for handling findings and process completeness.
Referece : • https://dsomm.timo-pagel.de/

Recommended

DevSecOps Implementation Journey
DevSecOps Implementation JourneyDevSecOps Implementation Journey
DevSecOps Implementation JourneyDevOps Indonesia
 
2019 DevSecOps Reference Architectures
2019 DevSecOps Reference Architectures2019 DevSecOps Reference Architectures
2019 DevSecOps Reference ArchitecturesSonatype
 
Dos and Don'ts of DevSecOps
Dos and Don'ts of DevSecOpsDos and Don'ts of DevSecOps
Dos and Don'ts of DevSecOpsPriyanka Aash
 
DevOps without DevOps Tools
DevOps without DevOps ToolsDevOps without DevOps Tools
DevOps without DevOps ToolsJagatveer Singh
 
DevOps to DevSecOps Journey..
DevOps to DevSecOps Journey..DevOps to DevSecOps Journey..
DevOps to DevSecOps Journey..Siddharth Joshi
 
DevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to SecurityDevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to SecurityAlert Logic
 
DevSecOps
DevSecOpsDevSecOps
DevSecOpsTomas Honzak
 
Practical DevSecOps Course - Part 1
Practical DevSecOps Course - Part 1Practical DevSecOps Course - Part 1
Practical DevSecOps Course - Part 1Mohammed A. Imran
 

Recommended

DevSecOps Implementation Journey
DevSecOps Implementation JourneyDevSecOps Implementation Journey
DevSecOps Implementation JourneyDevOps Indonesia
 
2019 DevSecOps Reference Architectures
2019 DevSecOps Reference Architectures2019 DevSecOps Reference Architectures
2019 DevSecOps Reference ArchitecturesSonatype
 
Dos and Don'ts of DevSecOps
Dos and Don'ts of DevSecOpsDos and Don'ts of DevSecOps
Dos and Don'ts of DevSecOpsPriyanka Aash
 
DevOps without DevOps Tools
DevOps without DevOps ToolsDevOps without DevOps Tools
DevOps without DevOps ToolsJagatveer Singh
 
DevOps to DevSecOps Journey..
DevOps to DevSecOps Journey..DevOps to DevSecOps Journey..
DevOps to DevSecOps Journey..Siddharth Joshi
 
DevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to SecurityDevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to SecurityAlert Logic
 
DevSecOps
DevSecOpsDevSecOps
DevSecOpsTomas Honzak
 
Practical DevSecOps Course - Part 1
Practical DevSecOps Course - Part 1Practical DevSecOps Course - Part 1
Practical DevSecOps Course - Part 1Mohammed A. Imran
 
An introduction to DevOps
An introduction to DevOpsAn introduction to DevOps
An introduction to DevOpsAlexander Meijers
 
DevSecOps The Evolution of DevOps
DevSecOps The Evolution of DevOpsDevSecOps The Evolution of DevOps
DevSecOps The Evolution of DevOpsMichael Man
 
DevOps Foundation
DevOps FoundationDevOps Foundation
DevOps FoundationHomepree Rloy
 
How to implement DevOps in your Organization
How to implement DevOps in your OrganizationHow to implement DevOps in your Organization
How to implement DevOps in your OrganizationDalibor Blazevic
 
DevSecOps in Baby Steps
DevSecOps in Baby StepsDevSecOps in Baby Steps
DevSecOps in Baby StepsPriyanka Aash
 
Practical DevSecOps - Arief Karfianto
Practical DevSecOps - Arief KarfiantoPractical DevSecOps - Arief Karfianto
Practical DevSecOps - Arief Karfiantoidsecconf
 
Introduction to DevSecOps
Introduction to DevSecOpsIntroduction to DevSecOps
Introduction to DevSecOpsabhimanyubhogwan
 
Benefits of DevSecOps
Benefits of DevSecOpsBenefits of DevSecOps
Benefits of DevSecOpsFinto Thomas , CISSP, TOGAF, CCSP, ITIL. JNCIS
 
Pentest is yesterday, DevSecOps is tomorrow
Pentest is yesterday, DevSecOps is tomorrowPentest is yesterday, DevSecOps is tomorrow
Pentest is yesterday, DevSecOps is tomorrowAmien Harisen Rosyandino
 
Introduction to DevOps
Introduction to DevOpsIntroduction to DevOps
Introduction to DevOpsRavindu Fernando
 
Devops ppt
Devops pptDevops ppt
Devops pptSulekha IT Training
 
DevSecOps reference architectures 2018
DevSecOps reference architectures 2018DevSecOps reference architectures 2018
DevSecOps reference architectures 2018Sonatype
 
The State of DevSecOps
The State of DevSecOpsThe State of DevSecOps
The State of DevSecOpsDevOps Indonesia
 
The Journey to DevSecOps
The Journey to DevSecOpsThe Journey to DevSecOps
The Journey to DevSecOpsSeniorStoryteller
 
DevSecops: Defined, tools, characteristics, tools, frameworks, benefits and c...
DevSecops: Defined, tools, characteristics, tools, frameworks, benefits and c...DevSecops: Defined, tools, characteristics, tools, frameworks, benefits and c...
DevSecops: Defined, tools, characteristics, tools, frameworks, benefits and c...Mohamed Nizzad
 
Devops online training ppt
Devops online training pptDevops online training ppt
Devops online training pptKhalidQureshi31
 
What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...
What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...
What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...Edureka!
 
DevOps introduction
DevOps introductionDevOps introduction
DevOps introductionMettje Heegstra
 
Introduction to DevSecOps
Introduction to DevSecOpsIntroduction to DevSecOps
Introduction to DevSecOpsSetu Parimi
 
DevSecOps
DevSecOpsDevSecOps
DevSecOpsCheah Eng Soon
 
DevSecOps Training Bootcamp - A Practical DevSecOps Course
DevSecOps Training Bootcamp - A Practical DevSecOps CourseDevSecOps Training Bootcamp - A Practical DevSecOps Course
DevSecOps Training Bootcamp - A Practical DevSecOps CourseTonex
 
Lecture 10.pptx
Lecture 10.pptxLecture 10.pptx
Lecture 10.pptxMuhammadRehan856177
 

More Related Content

What's hot

DevSecOps The Evolution of DevOps
DevSecOps The Evolution of DevOpsDevSecOps The Evolution of DevOps
DevSecOps The Evolution of DevOpsMichael Man
 
How to implement DevOps in your Organization
How to implement DevOps in your OrganizationHow to implement DevOps in your Organization
How to implement DevOps in your OrganizationDalibor Blazevic
 
DevSecOps in Baby Steps
DevSecOps in Baby StepsDevSecOps in Baby Steps
DevSecOps in Baby StepsPriyanka Aash
 
Practical DevSecOps - Arief Karfianto
Practical DevSecOps - Arief KarfiantoPractical DevSecOps - Arief Karfianto
Practical DevSecOps - Arief Karfiantoidsecconf
 
Pentest is yesterday, DevSecOps is tomorrow
Pentest is yesterday, DevSecOps is tomorrowPentest is yesterday, DevSecOps is tomorrow
Pentest is yesterday, DevSecOps is tomorrowAmien Harisen Rosyandino
 
DevSecOps reference architectures 2018
DevSecOps reference architectures 2018DevSecOps reference architectures 2018
DevSecOps reference architectures 2018Sonatype
 
DevSecops: Defined, tools, characteristics, tools, frameworks, benefits and c...
DevSecops: Defined, tools, characteristics, tools, frameworks, benefits and c...DevSecops: Defined, tools, characteristics, tools, frameworks, benefits and c...
DevSecops: Defined, tools, characteristics, tools, frameworks, benefits and c...Mohamed Nizzad
 
Devops online training ppt
Devops online training pptDevops online training ppt
Devops online training pptKhalidQureshi31
 
What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...
What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...
What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...Edureka!
 
Introduction to DevSecOps
Introduction to DevSecOpsIntroduction to DevSecOps
Introduction to DevSecOpsSetu Parimi
 

What's hot (20)

An introduction to DevOps
An introduction to DevOpsAn introduction to DevOps
An introduction to DevOps
 
DevSecOps The Evolution of DevOps
DevSecOps The Evolution of DevOpsDevSecOps The Evolution of DevOps
DevSecOps The Evolution of DevOps
 
DevOps Foundation
DevOps FoundationDevOps Foundation
DevOps Foundation
 
How to implement DevOps in your Organization
How to implement DevOps in your OrganizationHow to implement DevOps in your Organization
How to implement DevOps in your Organization
 
DevSecOps in Baby Steps
DevSecOps in Baby StepsDevSecOps in Baby Steps
DevSecOps in Baby Steps
 
Practical DevSecOps - Arief Karfianto
Practical DevSecOps - Arief KarfiantoPractical DevSecOps - Arief Karfianto
Practical DevSecOps - Arief Karfianto
 
Introduction to DevSecOps
Introduction to DevSecOpsIntroduction to DevSecOps
Introduction to DevSecOps
 
Benefits of DevSecOps
Benefits of DevSecOpsBenefits of DevSecOps
Benefits of DevSecOps
 
Pentest is yesterday, DevSecOps is tomorrow
Pentest is yesterday, DevSecOps is tomorrowPentest is yesterday, DevSecOps is tomorrow
Pentest is yesterday, DevSecOps is tomorrow
 
Introduction to DevOps
Introduction to DevOpsIntroduction to DevOps
Introduction to DevOps
 
Devops ppt
Devops pptDevops ppt
Devops ppt
 
DevSecOps reference architectures 2018
DevSecOps reference architectures 2018DevSecOps reference architectures 2018
DevSecOps reference architectures 2018
 
The State of DevSecOps
The State of DevSecOpsThe State of DevSecOps
The State of DevSecOps
 
The Journey to DevSecOps
The Journey to DevSecOpsThe Journey to DevSecOps
The Journey to DevSecOps
 
DevSecops: Defined, tools, characteristics, tools, frameworks, benefits and c...
DevSecops: Defined, tools, characteristics, tools, frameworks, benefits and c...DevSecops: Defined, tools, characteristics, tools, frameworks, benefits and c...
DevSecops: Defined, tools, characteristics, tools, frameworks, benefits and c...
 
Devops online training ppt
Devops online training pptDevops online training ppt
Devops online training ppt
 
What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...
What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...
What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...
 
DevOps introduction
DevOps introductionDevOps introduction
DevOps introduction
 
Introduction to DevSecOps
Introduction to DevSecOpsIntroduction to DevSecOps
Introduction to DevSecOps
 
DevSecOps
DevSecOpsDevSecOps
DevSecOps
 

Similar to DSOMM

DevSecOps Training Bootcamp - A Practical DevSecOps Course
DevSecOps Training Bootcamp - A Practical DevSecOps CourseDevSecOps Training Bootcamp - A Practical DevSecOps Course
DevSecOps Training Bootcamp - A Practical DevSecOps CourseTonex
 
7.2-0-D8-October2021 (Software Development Security).pptx
7.2-0-D8-October2021 (Software Development Security).pptx7.2-0-D8-October2021 (Software Development Security).pptx
7.2-0-D8-October2021 (Software Development Security).pptxroongrus
 
An integrated security testing framework and tool
An integrated security testing framework and toolAn integrated security testing framework and tool
An integrated security testing framework and toolMoutasm Tamimi
 
DevSecCon Tel Aviv 2018 - End2End containers SSDLC by Vitaly Davidoff
DevSecCon Tel Aviv 2018 - End2End containers SSDLC by Vitaly DavidoffDevSecCon Tel Aviv 2018 - End2End containers SSDLC by Vitaly Davidoff
DevSecCon Tel Aviv 2018 - End2End containers SSDLC by Vitaly DavidoffDevSecCon
 
AppSec How-To: Achieving Security in DevOps
AppSec How-To: Achieving Security in DevOpsAppSec How-To: Achieving Security in DevOps
AppSec How-To: Achieving Security in DevOpsCheckmarx
 
3830100.ppt
3830100.ppt3830100.ppt
3830100.pptazida3
 
OWASP San Antonio: Open Software Assurance Maturity Model (OpenSAMM)
OWASP San Antonio: Open Software Assurance Maturity Model (OpenSAMM)OWASP San Antonio: Open Software Assurance Maturity Model (OpenSAMM)
OWASP San Antonio: Open Software Assurance Maturity Model (OpenSAMM)Denim Group
 
Security and DevOps: Agility and Teamwork - SID315 - re:Invent 2017
Security and DevOps: Agility and Teamwork - SID315 - re:Invent 2017Security and DevOps: Agility and Teamwork - SID315 - re:Invent 2017
Security and DevOps: Agility and Teamwork - SID315 - re:Invent 2017Amazon Web Services
 
Using Amazon Inspector to Discover Potential Security Issues - AWS Online Tec...
Using Amazon Inspector to Discover Potential Security Issues - AWS Online Tec...Using Amazon Inspector to Discover Potential Security Issues - AWS Online Tec...
Using Amazon Inspector to Discover Potential Security Issues - AWS Online Tec...Amazon Web Services
 
DevSecOps: Security and Compliance at the Speed of Continuous Delivery
DevSecOps: Security and Compliance at the Speed of Continuous DeliveryDevSecOps: Security and Compliance at the Speed of Continuous Delivery
DevSecOps: Security and Compliance at the Speed of Continuous DeliveryDag Rowe
 
Why You Should Implement DevSecOps Approach?
Why You Should Implement DevSecOps Approach?Why You Should Implement DevSecOps Approach?
Why You Should Implement DevSecOps Approach?Enov8
 
Bringing Security Testing to Development: How to Enable Developers to Act as ...
Bringing Security Testing to Development: How to Enable Developers to Act as ...Bringing Security Testing to Development: How to Enable Developers to Act as ...
Bringing Security Testing to Development: How to Enable Developers to Act as ...Achim D. Brucker
 
A Warrior's Journey: Building a Global AppSec Program - OWASP Global AppSec 2020
A Warrior's Journey: Building a Global AppSec Program - OWASP Global AppSec 2020A Warrior's Journey: Building a Global AppSec Program - OWASP Global AppSec 2020
A Warrior's Journey: Building a Global AppSec Program - OWASP Global AppSec 2020Brian Levine
 
DevSecCon London 2017: Threat modeling in a CI environment by Steven Wierckx
DevSecCon London 2017: Threat modeling in a CI environment by Steven WierckxDevSecCon London 2017: Threat modeling in a CI environment by Steven Wierckx
DevSecCon London 2017: Threat modeling in a CI environment by Steven WierckxDevSecCon
 
4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt
4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt
4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.pptgealehegn
 
DevSecOps IT Modernization Training Bootcamp for Security Staff, IT Leadership
DevSecOps IT Modernization Training Bootcamp for Security Staff, IT LeadershipDevSecOps IT Modernization Training Bootcamp for Security Staff, IT Leadership
DevSecOps IT Modernization Training Bootcamp for Security Staff, IT LeadershipBryan Len
 

Similar to DSOMM (20)

DevSecOps Training Bootcamp - A Practical DevSecOps Course
DevSecOps Training Bootcamp - A Practical DevSecOps CourseDevSecOps Training Bootcamp - A Practical DevSecOps Course
DevSecOps Training Bootcamp - A Practical DevSecOps Course
 
Lecture 10.pptx
Lecture 10.pptxLecture 10.pptx
Lecture 10.pptx
 
7.2-0-D8-October2021 (Software Development Security).pptx
7.2-0-D8-October2021 (Software Development Security).pptx7.2-0-D8-October2021 (Software Development Security).pptx
7.2-0-D8-October2021 (Software Development Security).pptx
 
An integrated security testing framework and tool
An integrated security testing framework and toolAn integrated security testing framework and tool
An integrated security testing framework and tool
 
DevSecCon Tel Aviv 2018 - End2End containers SSDLC by Vitaly Davidoff
DevSecCon Tel Aviv 2018 - End2End containers SSDLC by Vitaly DavidoffDevSecCon Tel Aviv 2018 - End2End containers SSDLC by Vitaly Davidoff
DevSecCon Tel Aviv 2018 - End2End containers SSDLC by Vitaly Davidoff
 
Devops
DevopsDevops
Devops
 
Cloud application security (CCSP Domain 4)
Cloud application security (CCSP Domain 4)Cloud application security (CCSP Domain 4)
Cloud application security (CCSP Domain 4)
 
AppSec How-To: Achieving Security in DevOps
AppSec How-To: Achieving Security in DevOpsAppSec How-To: Achieving Security in DevOps
AppSec How-To: Achieving Security in DevOps
 
3830100.ppt
3830100.ppt3830100.ppt
3830100.ppt
 
OWASP San Antonio: Open Software Assurance Maturity Model (OpenSAMM)
OWASP San Antonio: Open Software Assurance Maturity Model (OpenSAMM)OWASP San Antonio: Open Software Assurance Maturity Model (OpenSAMM)
OWASP San Antonio: Open Software Assurance Maturity Model (OpenSAMM)
 
Security and DevOps: Agility and Teamwork - SID315 - re:Invent 2017
Security and DevOps: Agility and Teamwork - SID315 - re:Invent 2017Security and DevOps: Agility and Teamwork - SID315 - re:Invent 2017
Security and DevOps: Agility and Teamwork - SID315 - re:Invent 2017
 
4 sdlc
4 sdlc4 sdlc
4 sdlc
 
Using Amazon Inspector to Discover Potential Security Issues - AWS Online Tec...
Using Amazon Inspector to Discover Potential Security Issues - AWS Online Tec...Using Amazon Inspector to Discover Potential Security Issues - AWS Online Tec...
Using Amazon Inspector to Discover Potential Security Issues - AWS Online Tec...
 
DevSecOps: Security and Compliance at the Speed of Continuous Delivery
DevSecOps: Security and Compliance at the Speed of Continuous DeliveryDevSecOps: Security and Compliance at the Speed of Continuous Delivery
DevSecOps: Security and Compliance at the Speed of Continuous Delivery
 
Why You Should Implement DevSecOps Approach?
Why You Should Implement DevSecOps Approach?Why You Should Implement DevSecOps Approach?
Why You Should Implement DevSecOps Approach?
 
Bringing Security Testing to Development: How to Enable Developers to Act as ...
Bringing Security Testing to Development: How to Enable Developers to Act as ...Bringing Security Testing to Development: How to Enable Developers to Act as ...
Bringing Security Testing to Development: How to Enable Developers to Act as ...
 
A Warrior's Journey: Building a Global AppSec Program - OWASP Global AppSec 2020
A Warrior's Journey: Building a Global AppSec Program - OWASP Global AppSec 2020A Warrior's Journey: Building a Global AppSec Program - OWASP Global AppSec 2020
A Warrior's Journey: Building a Global AppSec Program - OWASP Global AppSec 2020
 
DevSecCon London 2017: Threat modeling in a CI environment by Steven Wierckx
DevSecCon London 2017: Threat modeling in a CI environment by Steven WierckxDevSecCon London 2017: Threat modeling in a CI environment by Steven Wierckx
DevSecCon London 2017: Threat modeling in a CI environment by Steven Wierckx
 
4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt
4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt
4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt
 
DevSecOps IT Modernization Training Bootcamp for Security Staff, IT Leadership
DevSecOps IT Modernization Training Bootcamp for Security Staff, IT LeadershipDevSecOps IT Modernization Training Bootcamp for Security Staff, IT Leadership
DevSecOps IT Modernization Training Bootcamp for Security Staff, IT Leadership
 

More from penetration Tester

More from penetration Tester (20)

Maven
MavenMaven
Maven
 
Jenkins
JenkinsJenkins
Jenkins
 
Jenkins
JenkinsJenkins
Jenkins
 
Sonar qube
Sonar qubeSonar qube
Sonar qube
 
Owasp zap
Owasp zapOwasp zap
Owasp zap
 
Sonarlint
SonarlintSonarlint
Sonarlint
 
Shift left
Shift leftShift left
Shift left
 
Deployment Strategies
Deployment StrategiesDeployment Strategies
Deployment Strategies
 
Shift left
Shift leftShift left
Shift left
 
Lfi
LfiLfi
Lfi
 
Directory traversal
Directory traversalDirectory traversal
Directory traversal
 
Burp documentation
Burp documentationBurp documentation
Burp documentation
 
7 layer OSI model
7 layer OSI model7 layer OSI model
7 layer OSI model
 
Virtual box
Virtual boxVirtual box
Virtual box
 
Tcp IP OSI
Tcp IP OSITcp IP OSI
Tcp IP OSI
 
Burp repeater
Burp repeaterBurp repeater
Burp repeater
 
Burp intruder
Burp intruderBurp intruder
Burp intruder
 
Hippa
Hippa Hippa
Hippa
 
Nist
NistNist
Nist
 
Isms
IsmsIsms
Isms
 

Recently uploaded

“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...Marc Dusseiller Dusjagr
 
Blooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxBlooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxUnboundStockton
 
Roles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceRoles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceSamikshaHamane
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsanshu789521
 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatYousafMalik24
 
Capitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptxCapitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptxCapitolTechU
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Celine George
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTiammrhaywood
 
MARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized GroupMARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized GroupJonathanParaisoCruz
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxthorishapillay1
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaVirag Sontakke
 
CELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptxCELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptxJiesonDelaCerna
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxRaymartEstabillo3
 

Recently uploaded (20)

“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
 
Blooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxBlooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docx
 
Roles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceRoles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in Pharmacovigilance
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha elections
 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice great
 
9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR
 
Capitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptxCapitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptx
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
 
MARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized GroupMARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized Group
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptx
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of India
 
CELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptxCELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptx
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
 

DSOMM

  • 2. DSOMM • The DevSecOps Maturity Model (DSOMM), shows security measures which are applied when using DevOps strategies and how these can be prioritized. With the help of DevOps strategies security can also be enhanced • For example, each component such as application libraries and operating system libraries in docker images can be tested for known vulnerabilities
  • 3.
  • 4. • Implementation Levels in DSOMM are • Level 1: Basic understanding of security practices • Level 2: Adoption of basic security practices • Level 3: High adoption of security practices • Level 4: Advanced deployment of security practices at scale
  • 5. • There are four main evaluation criteria in DSOMM:  Static depth — How comprehensive the static code scan that you are performing within the AppSec CI pipeline is.  Dynamic depth — How comprehensive the dynamic scan that is being run within the AppSec CI pipeline is.  Intensity - Your schedule frequency for the security scans running in AppSec CI pipeline.  Consolidation — Your remediation workflow for handling findings and process completeness.