2. Did you know?
Over 53, 000 cyber security incidents like phishing, website
intrusions and defacements, virus and ransomware attacks
were observed in the country during 2017, Parliament was informed
today….
Source: https://economictimes.indiatimes.com/tech/ites/over-53000-cyber-security-incidents-observed-in-
2017/articleshow/62852008.cms
3. Did you know?
Source: State of Application Security – Forrester 2018
https://www.forrester.com/report/...State...Application+Security+2018/-/E-RES141676
5. What is
DevSecOps?
Infusing Security practices that lead to
While still retaining the core DevOps benefits of
Faster Release Cycles
Early Defect Detection
Lesser Deployment Failures and Rollbacks
ReducedTime to Recover upon Failure
6. But, we have
security
related NFR in
our backlog
Isn’t that enough?
By 2021, DevSecOps will be embedded into 80%
of rapid development teams
Source: https://www.gartner.com/doc/3811369/-things-right-successful-devsecops
8. Security is
everyone’s
business…
… Not just of Security & Compliance teams
Culture that encourages “Security as a code”
Equip developers on concepts of secure coding
People
9. Practice
“SecureSDLC”
Update your SDLC processes and practices to include
Security Epics and User Stories in the backlog
Security criteria included in Definition of Done for the sprint
Secure coding practices as part ofTechnical Debt measurements
Security testing embedded in the testing cycles
Processes
10. Select from
wide range of
available tools
Tools &Technology
Cloudwatch
Alarm
Docker Bench
Amazon Inspector
gitrob