SlideShare a Scribd company logo

DevOps or DevSecOps

Michelangelo van Dam
Michelangelo van Dam

In 2009 Patrick Dubois coined the term "DevOps" when he organised the first "DevOpsDays" In Ghent, Belgium. Since then the term has become a term to explain the collaboration between all organisational stakeholders in IT projects (developers, operations, QA, marketing, security, legal, …) to deliver high quality, reliable solutions where issues are tackled early on in the value stream. But reality shows that many businesses that implement "DevOps" are actually talking about a collaboration between development, QA and operations (DQO). Solutions are being provided but lack the security and/or legal regulations causing hard-to-fix problems in production environments. In this talk I will explain how the original idea of Patrick to include all stakeholders got reduced to development, QA and operations and why it's so difficult to apply security or compliance improvements in this model. I will also talk about ways to make the DQO model welcoming for security experts and legal teams and why "DevSecOps" is now the term to be used to ensure security is no longer omitted from the value process. Finally we'll have a vote if we keep the term "DevOps" as an all-inclusive representation for all stakeholders or if we need to start using "DevSecOps" to ensure the business understands can no longer ignore the importance of security.

Engineering
1 of 63
Download to read offline
DEVOPS OR DEVSECOPS? Why do we need to focus on security in development and operations?
MICHELANGELO VAN DAM I'm a senior #php architect, co-founder and #ceo of @in2itvof, #community leader at @phpbenelux, coach at @CoderDojoBelgium, #MVP, #digitalnomad, likes #coffee. Follow me on Twitter: @DragonBe
DEVOPS Let’s have a look at DevOps first
PATRICK DEBOIS Patrick Debois coined the term “DevOps” at the first DevOpsDays in Ghent (Belgium) and started a very important movement in the tech industry.
THE THREE WAYS THE PRINCIPLES UNDERPINNING DEVOPS
THE THREE WAYS THE PRINCIPLES UNDERPINNING DEVOPS System thinking: performance of complete system
THE THREE WAYS THE PRINCIPLES UNDERPINNING DEVOPS System thinking: performance of complete system Amplify feedback loops: notify issues early in the process
THE THREE WAYS THE PRINCIPLES UNDERPINNING DEVOPS System thinking: performance of complete system Amplify feedback loops: notify issues early in the process Culture of continuous learning & experimenting
DEVOPS
DEVOPS Unifying software development & operations
DEVOPS Unifying software development & operations Automation & monitoring of software construction
DEVOPS Unifying software development & operations Automation & monitoring of software construction Shorter development cycles, increased deployment frequencies & produce dependable releases
DEVELOPMENT & OPERATIONS
DEVELOPMENT & OPERATIONS Project management & development
DEVELOPMENT & OPERATIONS Project management & development Network & systems engineering
DEVELOPMENT & OPERATIONS Project management & development Network & systems engineering Security, testing, legal, compliance & support
DEVELOPMENT & OPERATIONS Project management, development & testing Network & systems engineering Security, testing, legal, compliance & support
AUTOMATION & MONITORING
AUTOMATION & MONITORING Infrastructure as code
AUTOMATION & MONITORING Infrastructure as code Increased telemetry on whole application stack
AUTOMATION & MONITORING Infrastructure as code Increased telemetry on whole application stack Repeatable processes for continuous improvement
SHORTER DEVELOPMENT CYCLES, INCREASED DEPLOYMENT FREQUENCIES & DEPENDABLE RELEASES
SHORTER DEVELOPMENT CYCLES, INCREASED DEPLOYMENT FREQUENCIES & DEPENDABLE RELEASES 10, 100, 1K, 10K commits a day
SHORTER DEVELOPMENT CYCLES, INCREASED DEPLOYMENT FREQUENCIES & DEPENDABLE RELEASES 10, 100, 1K, 10K commits a day Each N commits results in a deployment (could be 1)
SHORTER DEVELOPMENT CYCLES, INCREASED DEPLOYMENT FREQUENCIES & DEPENDABLE RELEASES 10, 100, 1K, 10K commits a day Each N commits results in a deployment (could be 1) Each release is better than the previous
TRUST ME, I’M A PROFESSIONAL Each commit has the potential of introducing a new risk or break the system. Without any safeguards, we’re just increasing the speed of creating a Pandora’s Box.
DEVSECOPS
DEVSECOPS
DEVSECOPS Security integrated part of dev & ops
DEVSECOPS Security integrated part of dev & ops Each commit & systems change must meet security standards
DEVSECOPS Security integrated part of dev & ops Each commit & systems change must meet security standards Security by design
THIS IS 2018
THIS IS 2018
THIS IS 2018
THIS IS 2018
SECURITY FOCUS
SECURITY FOCUS Hackers
SECURITY FOCUS Hackers Data loss prevention
SECURITY FOCUS Hackers Data loss prevention Privacy protection
SECURITY FOCUS Hackers Data loss prevention Privacy protection Bad configuration
SECURITY FOCUS Hackers Data loss prevention Privacy protection Bad configuration Compliance
SECURITY FOCUS Hackers Data loss prevention Privacy protection Bad configuration Compliance Verified trust
WHAT’S YOUR OPINION? Raise your hand if you feel security needs to be emphasised with DevSecOps
WHAT’S YOUR OPINION? Raise your hand if you feel security is part of DevOps
SECURITY IS PART OF DEVOPS Project management, development & testing Network & systems engineering Security, testing, legal, compliance & support
THE DEVOPS CYCLE
A TYPICAL BUILD PROCESS
A TYPICAL BUILD PROCESS
SECURITY TESTING WITH RIPSTECH Project X 2019-03-02 16:43:11
SECURITY TESTING WITH BURP SUITE
SECURITY TESTING WITH ARACHNI
SECURITY TESTING WITH BEHAT
MANUAL SECURITY TESTING
SUMMARY
SUMMARY Security integrated part of dev & ops
SUMMARY Security integrated part of dev & ops TRUE === ($this->DevOps || $this->DevSecOps)
SUMMARY Security integrated part of dev & ops TRUE === ($this->DevOps || $this->DevSecOps) Security is a MUST: we can no longer ignore it!
REFERENCES
SHAMELESS PLUG DRAGONBE/HIBP
QUESTIONS?
QUESTIONS? Slides online slideshare.net/DragonBe
QUESTIONS? Slides online slideshare.net/DragonBe Leave feedback joind.in/event
QUESTIONS? Slides online slideshare.net/DragonBe Leave feedback joind.in/event Contact me
 twitter.com/DragonBe

Recommended

Demystifying DevSecOps
Demystifying DevSecOpsDemystifying DevSecOps
Demystifying DevSecOpsArchana Joshi
 
DevSecOps: What Why and How : Blackhat 2019
DevSecOps: What Why and How : Blackhat 2019DevSecOps: What Why and How : Blackhat 2019
DevSecOps: What Why and How : Blackhat 2019NotSoSecure Global Services
 
DevSecOps in Baby Steps
DevSecOps in Baby StepsDevSecOps in Baby Steps
DevSecOps in Baby StepsPriyanka Aash
 
DevSecOps
DevSecOpsDevSecOps
DevSecOpsCheah Eng Soon
 
Devops Devops Devops
Devops Devops DevopsDevops Devops Devops
Devops Devops DevopsKris Buytaert
 
DevSecOps reference architectures 2018
DevSecOps reference architectures 2018DevSecOps reference architectures 2018
DevSecOps reference architectures 2018Sonatype
 
DevOps Tutorial For Beginners | DevOps Tutorial | DevOps Tools | DevOps Train...
DevOps Tutorial For Beginners | DevOps Tutorial | DevOps Tools | DevOps Train...DevOps Tutorial For Beginners | DevOps Tutorial | DevOps Tools | DevOps Train...
DevOps Tutorial For Beginners | DevOps Tutorial | DevOps Tools | DevOps Train...Simplilearn
 
DevSecOps 101
DevSecOps 101DevSecOps 101
DevSecOps 101Narudom Roongsiriwong, CISSP
 

Recommended

Demystifying DevSecOps
Demystifying DevSecOpsDemystifying DevSecOps
Demystifying DevSecOpsArchana Joshi
 
DevSecOps: What Why and How : Blackhat 2019
DevSecOps: What Why and How : Blackhat 2019DevSecOps: What Why and How : Blackhat 2019
DevSecOps: What Why and How : Blackhat 2019NotSoSecure Global Services
 
DevSecOps in Baby Steps
DevSecOps in Baby StepsDevSecOps in Baby Steps
DevSecOps in Baby StepsPriyanka Aash
 
DevSecOps
DevSecOpsDevSecOps
DevSecOpsCheah Eng Soon
 
Devops Devops Devops
Devops Devops DevopsDevops Devops Devops
Devops Devops DevopsKris Buytaert
 
DevSecOps reference architectures 2018
DevSecOps reference architectures 2018DevSecOps reference architectures 2018
DevSecOps reference architectures 2018Sonatype
 
DevOps Tutorial For Beginners | DevOps Tutorial | DevOps Tools | DevOps Train...
DevOps Tutorial For Beginners | DevOps Tutorial | DevOps Tools | DevOps Train...DevOps Tutorial For Beginners | DevOps Tutorial | DevOps Tools | DevOps Train...
DevOps Tutorial For Beginners | DevOps Tutorial | DevOps Tools | DevOps Train...Simplilearn
 
DevSecOps 101
DevSecOps 101DevSecOps 101
DevSecOps 101Narudom Roongsiriwong, CISSP
 
The State of DevSecOps
The State of DevSecOpsThe State of DevSecOps
The State of DevSecOpsDevOps Indonesia
 
DevSecOps : an Introduction
DevSecOps : an IntroductionDevSecOps : an Introduction
DevSecOps : an IntroductionPrashanth B. P.
 
Benefits of DevSecOps
Benefits of DevSecOpsBenefits of DevSecOps
Benefits of DevSecOpsFinto Thomas , CISSP, TOGAF, CCSP, ITIL. JNCIS
 
DevSecOps Basics with Azure Pipelines
DevSecOps Basics with Azure Pipelines DevSecOps Basics with Azure Pipelines
DevSecOps Basics with Azure Pipelines Abdul_Mujeeb
 
DevSecOps Implementation Journey
DevSecOps Implementation JourneyDevSecOps Implementation Journey
DevSecOps Implementation JourneyDevOps Indonesia
 
2019 DevSecOps Reference Architectures
2019 DevSecOps Reference Architectures2019 DevSecOps Reference Architectures
2019 DevSecOps Reference ArchitecturesSonatype
 
Practical DevSecOps Course - Part 1
Practical DevSecOps Course - Part 1Practical DevSecOps Course - Part 1
Practical DevSecOps Course - Part 1Mohammed A. Imran
 
DevOps to DevSecOps Journey..
DevOps to DevSecOps Journey..DevOps to DevSecOps Journey..
DevOps to DevSecOps Journey..Siddharth Joshi
 
How to implement DevOps in your Organization
How to implement DevOps in your OrganizationHow to implement DevOps in your Organization
How to implement DevOps in your OrganizationDalibor Blazevic
 
What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...
What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...
What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...Edureka!
 
[DevSecOps Live] DevSecOps: Challenges and Opportunities
[DevSecOps Live] DevSecOps: Challenges and Opportunities[DevSecOps Live] DevSecOps: Challenges and Opportunities
[DevSecOps Live] DevSecOps: Challenges and OpportunitiesMohammed A. Imran
 
DevSecOps | DevOps Sec
DevSecOps | DevOps SecDevSecOps | DevOps Sec
DevSecOps | DevOps SecRubal Jain
 
DevSecOps Singapore introduction
DevSecOps Singapore introductionDevSecOps Singapore introduction
DevSecOps Singapore introductionStefan Streichsbier
 
DevOps Introduction
DevOps IntroductionDevOps Introduction
DevOps IntroductionRobert Sell
 
Introduction to DevSecOps
Introduction to DevSecOpsIntroduction to DevSecOps
Introduction to DevSecOpsabhimanyubhogwan
 
Introduction to DevOps
Introduction to DevOpsIntroduction to DevOps
Introduction to DevOpsRavindu Fernando
 
Introduction to DevSecOps
Introduction to DevSecOpsIntroduction to DevSecOps
Introduction to DevSecOpsSetu Parimi
 
DevSecOps and the CI/CD Pipeline
DevSecOps and the CI/CD Pipeline DevSecOps and the CI/CD Pipeline
DevSecOps and the CI/CD PipelineJames Wickett
 
DevOps Maturity Curve v5
DevOps Maturity Curve v5DevOps Maturity Curve v5
DevOps Maturity Curve v5Paul Peissner
 
Devops Devops Devops, at Froscon
Devops Devops Devops, at FrosconDevops Devops Devops, at Froscon
Devops Devops Devops, at FrosconKris Buytaert
 
DevOps for Defenders in the Enterprise
DevOps for Defenders in the EnterpriseDevOps for Defenders in the Enterprise
DevOps for Defenders in the EnterpriseJames Wickett
 
DevSecOps with Microsoft Tech
DevSecOps with Microsoft TechDevSecOps with Microsoft Tech
DevSecOps with Microsoft TechDarin Morris
 

More Related Content

What's hot

DevSecOps : an Introduction
DevSecOps : an IntroductionDevSecOps : an Introduction
DevSecOps : an IntroductionPrashanth B. P.
 
DevSecOps Basics with Azure Pipelines
DevSecOps Basics with Azure Pipelines DevSecOps Basics with Azure Pipelines
DevSecOps Basics with Azure Pipelines Abdul_Mujeeb
 
DevSecOps Implementation Journey
DevSecOps Implementation JourneyDevSecOps Implementation Journey
DevSecOps Implementation JourneyDevOps Indonesia
 
2019 DevSecOps Reference Architectures
2019 DevSecOps Reference Architectures2019 DevSecOps Reference Architectures
2019 DevSecOps Reference ArchitecturesSonatype
 
Practical DevSecOps Course - Part 1
Practical DevSecOps Course - Part 1Practical DevSecOps Course - Part 1
Practical DevSecOps Course - Part 1Mohammed A. Imran
 
DevOps to DevSecOps Journey..
DevOps to DevSecOps Journey..DevOps to DevSecOps Journey..
DevOps to DevSecOps Journey..Siddharth Joshi
 
How to implement DevOps in your Organization
How to implement DevOps in your OrganizationHow to implement DevOps in your Organization
How to implement DevOps in your OrganizationDalibor Blazevic
 
What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...
What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...
What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...Edureka!
 
[DevSecOps Live] DevSecOps: Challenges and Opportunities
[DevSecOps Live] DevSecOps: Challenges and Opportunities[DevSecOps Live] DevSecOps: Challenges and Opportunities
[DevSecOps Live] DevSecOps: Challenges and OpportunitiesMohammed A. Imran
 
DevSecOps | DevOps Sec
DevSecOps | DevOps SecDevSecOps | DevOps Sec
DevSecOps | DevOps SecRubal Jain
 
DevSecOps Singapore introduction
DevSecOps Singapore introductionDevSecOps Singapore introduction
DevSecOps Singapore introductionStefan Streichsbier
 
DevOps Introduction
DevOps IntroductionDevOps Introduction
DevOps IntroductionRobert Sell
 
Introduction to DevSecOps
Introduction to DevSecOpsIntroduction to DevSecOps
Introduction to DevSecOpsSetu Parimi
 
DevSecOps and the CI/CD Pipeline
DevSecOps and the CI/CD Pipeline DevSecOps and the CI/CD Pipeline
DevSecOps and the CI/CD PipelineJames Wickett
 
DevOps Maturity Curve v5
DevOps Maturity Curve v5DevOps Maturity Curve v5
DevOps Maturity Curve v5Paul Peissner
 
Devops Devops Devops, at Froscon
Devops Devops Devops, at FrosconDevops Devops Devops, at Froscon
Devops Devops Devops, at FrosconKris Buytaert
 

What's hot (20)

The State of DevSecOps
The State of DevSecOpsThe State of DevSecOps
The State of DevSecOps
 
DevSecOps : an Introduction
DevSecOps : an IntroductionDevSecOps : an Introduction
DevSecOps : an Introduction
 
Benefits of DevSecOps
Benefits of DevSecOpsBenefits of DevSecOps
Benefits of DevSecOps
 
DevSecOps Basics with Azure Pipelines
DevSecOps Basics with Azure Pipelines DevSecOps Basics with Azure Pipelines
DevSecOps Basics with Azure Pipelines
 
DevSecOps Implementation Journey
DevSecOps Implementation JourneyDevSecOps Implementation Journey
DevSecOps Implementation Journey
 
2019 DevSecOps Reference Architectures
2019 DevSecOps Reference Architectures2019 DevSecOps Reference Architectures
2019 DevSecOps Reference Architectures
 
Practical DevSecOps Course - Part 1
Practical DevSecOps Course - Part 1Practical DevSecOps Course - Part 1
Practical DevSecOps Course - Part 1
 
DevOps to DevSecOps Journey..
DevOps to DevSecOps Journey..DevOps to DevSecOps Journey..
DevOps to DevSecOps Journey..
 
How to implement DevOps in your Organization
How to implement DevOps in your OrganizationHow to implement DevOps in your Organization
How to implement DevOps in your Organization
 
What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...
What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...
What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...
 
[DevSecOps Live] DevSecOps: Challenges and Opportunities
[DevSecOps Live] DevSecOps: Challenges and Opportunities[DevSecOps Live] DevSecOps: Challenges and Opportunities
[DevSecOps Live] DevSecOps: Challenges and Opportunities
 
DevSecOps | DevOps Sec
DevSecOps | DevOps SecDevSecOps | DevOps Sec
DevSecOps | DevOps Sec
 
DevSecOps Singapore introduction
DevSecOps Singapore introductionDevSecOps Singapore introduction
DevSecOps Singapore introduction
 
DevOps Introduction
DevOps IntroductionDevOps Introduction
DevOps Introduction
 
Introduction to DevSecOps
Introduction to DevSecOpsIntroduction to DevSecOps
Introduction to DevSecOps
 
Introduction to DevOps
Introduction to DevOpsIntroduction to DevOps
Introduction to DevOps
 
Introduction to DevSecOps
Introduction to DevSecOpsIntroduction to DevSecOps
Introduction to DevSecOps
 
DevSecOps and the CI/CD Pipeline
DevSecOps and the CI/CD Pipeline DevSecOps and the CI/CD Pipeline
DevSecOps and the CI/CD Pipeline
 
DevOps Maturity Curve v5
DevOps Maturity Curve v5DevOps Maturity Curve v5
DevOps Maturity Curve v5
 
Devops Devops Devops, at Froscon
Devops Devops Devops, at FrosconDevops Devops Devops, at Froscon
Devops Devops Devops, at Froscon
 

Similar to DevOps or DevSecOps

DevOps for Defenders in the Enterprise
DevOps for Defenders in the EnterpriseDevOps for Defenders in the Enterprise
DevOps for Defenders in the EnterpriseJames Wickett
 
DevSecOps with Microsoft Tech
DevSecOps with Microsoft TechDevSecOps with Microsoft Tech
DevSecOps with Microsoft TechDarin Morris
 
DevOps and the Future of InfoSec
DevOps and the Future of InfoSecDevOps and the Future of InfoSec
DevOps and the Future of InfoSecDarin Morris
 
DevSecOps IT Modernization Training Bootcamp for Security Staff, IT Leadership
DevSecOps IT Modernization Training Bootcamp for Security Staff, IT LeadershipDevSecOps IT Modernization Training Bootcamp for Security Staff, IT Leadership
DevSecOps IT Modernization Training Bootcamp for Security Staff, IT LeadershipBryan Len
 
Top 5 Challenges in Scaling DevOps in Brownfield Environments
Top 5 Challenges in Scaling DevOps in Brownfield EnvironmentsTop 5 Challenges in Scaling DevOps in Brownfield Environments
Top 5 Challenges in Scaling DevOps in Brownfield EnvironmentsDeborah Schalm
 
Scale security for a dollar or less
Scale security for a dollar or lessScale security for a dollar or less
Scale security for a dollar or lessMohammed A. Imran
 
Strengthen and Scale Security for a dollar or less
Strengthen and Scale Security for a dollar or lessStrengthen and Scale Security for a dollar or less
Strengthen and Scale Security for a dollar or lessMohammed A. Imran
 
DevOps and the Future of Information Security
DevOps and the Future of Information SecurityDevOps and the Future of Information Security
DevOps and the Future of Information SecurityDarin Morris
 
Dev secops indonesia-devsecops as a service-Amien Harisen
Dev secops indonesia-devsecops as a service-Amien HarisenDev secops indonesia-devsecops as a service-Amien Harisen
Dev secops indonesia-devsecops as a service-Amien HarisenNadira Bajrei
 
The DevSecOps Builder’s Guide to the CI/CD Pipeline
The DevSecOps Builder’s Guide to the CI/CD PipelineThe DevSecOps Builder’s Guide to the CI/CD Pipeline
The DevSecOps Builder’s Guide to the CI/CD PipelineJames Wickett
 
The New Security Playbook: DevSecOps
The New Security Playbook: DevSecOpsThe New Security Playbook: DevSecOps
The New Security Playbook: DevSecOpsJames Wickett
 
Winnipeg ISACA Security is Dead, Rugged DevOps
Winnipeg ISACA Security is Dead, Rugged DevOpsWinnipeg ISACA Security is Dead, Rugged DevOps
Winnipeg ISACA Security is Dead, Rugged DevOpsGene Kim
 
Strategies on How to Overcome Security Challenges Unique to Cloud-Native Apps
Strategies on How to Overcome Security Challenges Unique to Cloud-Native AppsStrategies on How to Overcome Security Challenges Unique to Cloud-Native Apps
Strategies on How to Overcome Security Challenges Unique to Cloud-Native AppsVMware Tanzu
 
Strengthen and Scale Security Using DevSecOps - OWASP Indonesia
Strengthen and Scale Security Using DevSecOps - OWASP IndonesiaStrengthen and Scale Security Using DevSecOps - OWASP Indonesia
Strengthen and Scale Security Using DevSecOps - OWASP IndonesiaMohammed A. Imran
 
The Emergent Cloud Security Toolchain for CI/CD
The Emergent Cloud Security Toolchain for CI/CDThe Emergent Cloud Security Toolchain for CI/CD
The Emergent Cloud Security Toolchain for CI/CDJames Wickett
 
2021-10-14 The Critical Role of Security in DevOps.pdf
2021-10-14 The Critical Role of Security in DevOps.pdf2021-10-14 The Critical Role of Security in DevOps.pdf
2021-10-14 The Critical Role of Security in DevOps.pdfSavinder Puri
 
Securing a Great Developer Experience - DevOps Indonesia Meetup by Stefan Str...
Securing a Great Developer Experience - DevOps Indonesia Meetup by Stefan Str...Securing a Great Developer Experience - DevOps Indonesia Meetup by Stefan Str...
Securing a Great Developer Experience - DevOps Indonesia Meetup by Stefan Str...DevOps Indonesia
 
DevSecOps The Evolution of DevOps
DevSecOps The Evolution of DevOpsDevSecOps The Evolution of DevOps
DevSecOps The Evolution of DevOpsMichael Man
 
DevOps for the Discouraged
DevOps for the Discouraged DevOps for the Discouraged
DevOps for the Discouraged James Wickett
 
VMWare Tech Talk: "The Road from Rugged DevOps to Security Chaos Engineering"
VMWare Tech Talk: "The Road from Rugged DevOps to Security Chaos Engineering"VMWare Tech Talk: "The Road from Rugged DevOps to Security Chaos Engineering"
VMWare Tech Talk: "The Road from Rugged DevOps to Security Chaos Engineering"Aaron Rinehart
 

Similar to DevOps or DevSecOps (20)

DevOps for Defenders in the Enterprise
DevOps for Defenders in the EnterpriseDevOps for Defenders in the Enterprise
DevOps for Defenders in the Enterprise
 
DevSecOps with Microsoft Tech
DevSecOps with Microsoft TechDevSecOps with Microsoft Tech
DevSecOps with Microsoft Tech
 
DevOps and the Future of InfoSec
DevOps and the Future of InfoSecDevOps and the Future of InfoSec
DevOps and the Future of InfoSec
 
DevSecOps IT Modernization Training Bootcamp for Security Staff, IT Leadership
DevSecOps IT Modernization Training Bootcamp for Security Staff, IT LeadershipDevSecOps IT Modernization Training Bootcamp for Security Staff, IT Leadership
DevSecOps IT Modernization Training Bootcamp for Security Staff, IT Leadership
 
Top 5 Challenges in Scaling DevOps in Brownfield Environments
Top 5 Challenges in Scaling DevOps in Brownfield EnvironmentsTop 5 Challenges in Scaling DevOps in Brownfield Environments
Top 5 Challenges in Scaling DevOps in Brownfield Environments
 
Scale security for a dollar or less
Scale security for a dollar or lessScale security for a dollar or less
Scale security for a dollar or less
 
Strengthen and Scale Security for a dollar or less
Strengthen and Scale Security for a dollar or lessStrengthen and Scale Security for a dollar or less
Strengthen and Scale Security for a dollar or less
 
DevOps and the Future of Information Security
DevOps and the Future of Information SecurityDevOps and the Future of Information Security
DevOps and the Future of Information Security
 
Dev secops indonesia-devsecops as a service-Amien Harisen
Dev secops indonesia-devsecops as a service-Amien HarisenDev secops indonesia-devsecops as a service-Amien Harisen
Dev secops indonesia-devsecops as a service-Amien Harisen
 
The DevSecOps Builder’s Guide to the CI/CD Pipeline
The DevSecOps Builder’s Guide to the CI/CD PipelineThe DevSecOps Builder’s Guide to the CI/CD Pipeline
The DevSecOps Builder’s Guide to the CI/CD Pipeline
 
The New Security Playbook: DevSecOps
The New Security Playbook: DevSecOpsThe New Security Playbook: DevSecOps
The New Security Playbook: DevSecOps
 
Winnipeg ISACA Security is Dead, Rugged DevOps
Winnipeg ISACA Security is Dead, Rugged DevOpsWinnipeg ISACA Security is Dead, Rugged DevOps
Winnipeg ISACA Security is Dead, Rugged DevOps
 
Strategies on How to Overcome Security Challenges Unique to Cloud-Native Apps
Strategies on How to Overcome Security Challenges Unique to Cloud-Native AppsStrategies on How to Overcome Security Challenges Unique to Cloud-Native Apps
Strategies on How to Overcome Security Challenges Unique to Cloud-Native Apps
 
Strengthen and Scale Security Using DevSecOps - OWASP Indonesia
Strengthen and Scale Security Using DevSecOps - OWASP IndonesiaStrengthen and Scale Security Using DevSecOps - OWASP Indonesia
Strengthen and Scale Security Using DevSecOps - OWASP Indonesia
 
The Emergent Cloud Security Toolchain for CI/CD
The Emergent Cloud Security Toolchain for CI/CDThe Emergent Cloud Security Toolchain for CI/CD
The Emergent Cloud Security Toolchain for CI/CD
 
2021-10-14 The Critical Role of Security in DevOps.pdf
2021-10-14 The Critical Role of Security in DevOps.pdf2021-10-14 The Critical Role of Security in DevOps.pdf
2021-10-14 The Critical Role of Security in DevOps.pdf
 
Securing a Great Developer Experience - DevOps Indonesia Meetup by Stefan Str...
Securing a Great Developer Experience - DevOps Indonesia Meetup by Stefan Str...Securing a Great Developer Experience - DevOps Indonesia Meetup by Stefan Str...
Securing a Great Developer Experience - DevOps Indonesia Meetup by Stefan Str...
 
DevSecOps The Evolution of DevOps
DevSecOps The Evolution of DevOpsDevSecOps The Evolution of DevOps
DevSecOps The Evolution of DevOps
 
DevOps for the Discouraged
DevOps for the Discouraged DevOps for the Discouraged
DevOps for the Discouraged
 
VMWare Tech Talk: "The Road from Rugged DevOps to Security Chaos Engineering"
VMWare Tech Talk: "The Road from Rugged DevOps to Security Chaos Engineering"VMWare Tech Talk: "The Road from Rugged DevOps to Security Chaos Engineering"
VMWare Tech Talk: "The Road from Rugged DevOps to Security Chaos Engineering"
 

More from Michelangelo van Dam

GDPR Art. 25 - Privacy by design and default
GDPR Art. 25 - Privacy by design and defaultGDPR Art. 25 - Privacy by design and default
GDPR Art. 25 - Privacy by design and defaultMichelangelo van Dam
 
Moving from app services to azure functions
Moving from app services to azure functionsMoving from app services to azure functions
Moving from app services to azure functionsMichelangelo van Dam
 
General Data Protection Regulation, a developer's story
General Data Protection Regulation, a developer's storyGeneral Data Protection Regulation, a developer's story
General Data Protection Regulation, a developer's storyMichelangelo van Dam
 
Leveraging a distributed architecture to your advantage
Leveraging a distributed architecture to your advantageLeveraging a distributed architecture to your advantage
Leveraging a distributed architecture to your advantageMichelangelo van Dam
 
Open source for a successful business
Open source for a successful businessOpen source for a successful business
Open source for a successful businessMichelangelo van Dam
 
Decouple your framework now, thank me later
Decouple your framework now, thank me laterDecouple your framework now, thank me later
Decouple your framework now, thank me laterMichelangelo van Dam
 
Deploy to azure in less then 15 minutes
Deploy to azure in less then 15 minutesDeploy to azure in less then 15 minutes
Deploy to azure in less then 15 minutesMichelangelo van Dam
 
Azure and OSS, a match made in heaven
Azure and OSS, a match made in heavenAzure and OSS, a match made in heaven
Azure and OSS, a match made in heavenMichelangelo van Dam
 
Zf2 how arrays will save your project
Zf2 how arrays will save your projectZf2 how arrays will save your project
Zf2 how arrays will save your projectMichelangelo van Dam
 
PHPUnit Episode iv.iii: Return of the tests
PHPUnit Episode iv.iii: Return of the testsPHPUnit Episode iv.iii: Return of the tests
PHPUnit Episode iv.iii: Return of the testsMichelangelo van Dam
 
Easily extend your existing php app with an api
Easily extend your existing php app with an apiEasily extend your existing php app with an api
Easily extend your existing php app with an apiMichelangelo van Dam
 

More from Michelangelo van Dam (20)

GDPR Art. 25 - Privacy by design and default
GDPR Art. 25 - Privacy by design and defaultGDPR Art. 25 - Privacy by design and default
GDPR Art. 25 - Privacy by design and default
 
Moving from app services to azure functions
Moving from app services to azure functionsMoving from app services to azure functions
Moving from app services to azure functions
 
Privacy by design
Privacy by designPrivacy by design
Privacy by design
 
Privacy by design
Privacy by designPrivacy by design
Privacy by design
 
Continuous deployment 2.0
Continuous deployment 2.0Continuous deployment 2.0
Continuous deployment 2.0
 
Let your tests drive your code
Let your tests drive your codeLet your tests drive your code
Let your tests drive your code
 
General Data Protection Regulation, a developer's story
General Data Protection Regulation, a developer's storyGeneral Data Protection Regulation, a developer's story
General Data Protection Regulation, a developer's story
 
Leveraging a distributed architecture to your advantage
Leveraging a distributed architecture to your advantageLeveraging a distributed architecture to your advantage
Leveraging a distributed architecture to your advantage
 
The road to php 7.1
The road to php 7.1The road to php 7.1
The road to php 7.1
 
Open source for a successful business
Open source for a successful businessOpen source for a successful business
Open source for a successful business
 
Decouple your framework now, thank me later
Decouple your framework now, thank me laterDecouple your framework now, thank me later
Decouple your framework now, thank me later
 
Deploy to azure in less then 15 minutes
Deploy to azure in less then 15 minutesDeploy to azure in less then 15 minutes
Deploy to azure in less then 15 minutes
 
Azure and OSS, a match made in heaven
Azure and OSS, a match made in heavenAzure and OSS, a match made in heaven
Azure and OSS, a match made in heaven
 
Getting hands dirty with php7
Getting hands dirty with php7Getting hands dirty with php7
Getting hands dirty with php7
 
Zf2 how arrays will save your project
Zf2 how arrays will save your projectZf2 how arrays will save your project
Zf2 how arrays will save your project
 
Create, test, secure, repeat
Create, test, secure, repeatCreate, test, secure, repeat
Create, test, secure, repeat
 
The Continuous PHP Pipeline
The Continuous PHP PipelineThe Continuous PHP Pipeline
The Continuous PHP Pipeline
 
PHPUnit Episode iv.iii: Return of the tests
PHPUnit Episode iv.iii: Return of the testsPHPUnit Episode iv.iii: Return of the tests
PHPUnit Episode iv.iii: Return of the tests
 
Easily extend your existing php app with an api
Easily extend your existing php app with an apiEasily extend your existing php app with an api
Easily extend your existing php app with an api
 
Your code are my tests
Your code are my testsYour code are my tests
Your code are my tests
 

Recently uploaded

Cloud-Computing_CSE311_Computer-Networking CSE GUB BD - Shahidul.pptx
Cloud-Computing_CSE311_Computer-Networking CSE GUB BD - Shahidul.pptxCloud-Computing_CSE311_Computer-Networking CSE GUB BD - Shahidul.pptx
Cloud-Computing_CSE311_Computer-Networking CSE GUB BD - Shahidul.pptxMd. Shahidul Islam Prodhan
 
Fruit shop management system project report.pdf
Fruit shop management system project report.pdfFruit shop management system project report.pdf
Fruit shop management system project report.pdfKamal Acharya
 
School management system project report.pdf
School management system project report.pdfSchool management system project report.pdf
School management system project report.pdfKamal Acharya
 
Top 13 Famous Civil Engineering Scientist
Top 13 Famous Civil Engineering ScientistTop 13 Famous Civil Engineering Scientist
Top 13 Famous Civil Engineering Scientistgettygaming1
 
shape functions of 1D and 2 D rectangular elements.pptx
shape functions of 1D and 2 D rectangular elements.pptxshape functions of 1D and 2 D rectangular elements.pptx
shape functions of 1D and 2 D rectangular elements.pptxVishalDeshpande27
 
Arduino based vehicle speed tracker project
Arduino based vehicle speed tracker projectArduino based vehicle speed tracker project
Arduino based vehicle speed tracker projectRased Khan
 
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptx
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptxCFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptx
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptxR&R Consult
 
ONLINE CAR SERVICING SYSTEM PROJECT REPORT.pdf
ONLINE CAR SERVICING SYSTEM PROJECT REPORT.pdfONLINE CAR SERVICING SYSTEM PROJECT REPORT.pdf
ONLINE CAR SERVICING SYSTEM PROJECT REPORT.pdfKamal Acharya
 
Electrostatic field in a coaxial transmission line
Electrostatic field in a coaxial transmission lineElectrostatic field in a coaxial transmission line
Electrostatic field in a coaxial transmission lineJulioCesarSalazarHer1
 
HYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generationHYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generationRobbie Edward Sayers
 
Hall booking system project report .pdf
Hall booking system project report .pdfHall booking system project report .pdf
Hall booking system project report .pdfKamal Acharya
 
KIT-601 Lecture Notes-UNIT-5.pdf Frame Works and Visualization
KIT-601 Lecture Notes-UNIT-5.pdf Frame Works and VisualizationKIT-601 Lecture Notes-UNIT-5.pdf Frame Works and Visualization
KIT-601 Lecture Notes-UNIT-5.pdf Frame Works and VisualizationDr. Radhey Shyam
 
NO1 Pandit Amil Baba In Bahawalpur, Sargodha, Sialkot, Sheikhupura, Rahim Yar...
NO1 Pandit Amil Baba In Bahawalpur, Sargodha, Sialkot, Sheikhupura, Rahim Yar...NO1 Pandit Amil Baba In Bahawalpur, Sargodha, Sialkot, Sheikhupura, Rahim Yar...
NO1 Pandit Amil Baba In Bahawalpur, Sargodha, Sialkot, Sheikhupura, Rahim Yar...Amil baba
 
NO1 Pandit Black Magic Removal in Uk kala jadu Specialist kala jadu for Love ...
NO1 Pandit Black Magic Removal in Uk kala jadu Specialist kala jadu for Love ...NO1 Pandit Black Magic Removal in Uk kala jadu Specialist kala jadu for Love ...
NO1 Pandit Black Magic Removal in Uk kala jadu Specialist kala jadu for Love ...Amil baba
 
ASME IX(9) 2007 Full Version .pdf
ASME IX(9) 2007 Full Version .pdfASME IX(9) 2007 Full Version .pdf
ASME IX(9) 2007 Full Version .pdfAhmedHussein950959
 
AI for workflow automation Use cases applications benefits and development.pdf
AI for workflow automation Use cases applications benefits and development.pdfAI for workflow automation Use cases applications benefits and development.pdf
AI for workflow automation Use cases applications benefits and development.pdfmahaffeycheryld
 
A CASE STUDY ON ONLINE TICKET BOOKING SYSTEM PROJECT.pdf
A CASE STUDY ON ONLINE TICKET BOOKING SYSTEM PROJECT.pdfA CASE STUDY ON ONLINE TICKET BOOKING SYSTEM PROJECT.pdf
A CASE STUDY ON ONLINE TICKET BOOKING SYSTEM PROJECT.pdfKamal Acharya
 
ENERGY STORAGE DEVICES INTRODUCTION UNIT-I
ENERGY STORAGE DEVICES INTRODUCTION UNIT-IENERGY STORAGE DEVICES INTRODUCTION UNIT-I
ENERGY STORAGE DEVICES INTRODUCTION UNIT-IVigneshvaranMech
 
Courier management system project report.pdf
Courier management system project report.pdfCourier management system project report.pdf
Courier management system project report.pdfKamal Acharya
 
Democratizing Fuzzing at Scale by Abhishek Arya
Democratizing Fuzzing at Scale by Abhishek AryaDemocratizing Fuzzing at Scale by Abhishek Arya
Democratizing Fuzzing at Scale by Abhishek Aryaabh.arya
 

Recently uploaded (20)

Cloud-Computing_CSE311_Computer-Networking CSE GUB BD - Shahidul.pptx
Cloud-Computing_CSE311_Computer-Networking CSE GUB BD - Shahidul.pptxCloud-Computing_CSE311_Computer-Networking CSE GUB BD - Shahidul.pptx
Cloud-Computing_CSE311_Computer-Networking CSE GUB BD - Shahidul.pptx
 
Fruit shop management system project report.pdf
Fruit shop management system project report.pdfFruit shop management system project report.pdf
Fruit shop management system project report.pdf
 
School management system project report.pdf
School management system project report.pdfSchool management system project report.pdf
School management system project report.pdf
 
Top 13 Famous Civil Engineering Scientist
Top 13 Famous Civil Engineering ScientistTop 13 Famous Civil Engineering Scientist
Top 13 Famous Civil Engineering Scientist
 
shape functions of 1D and 2 D rectangular elements.pptx
shape functions of 1D and 2 D rectangular elements.pptxshape functions of 1D and 2 D rectangular elements.pptx
shape functions of 1D and 2 D rectangular elements.pptx
 
Arduino based vehicle speed tracker project
Arduino based vehicle speed tracker projectArduino based vehicle speed tracker project
Arduino based vehicle speed tracker project
 
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptx
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptxCFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptx
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptx
 
ONLINE CAR SERVICING SYSTEM PROJECT REPORT.pdf
ONLINE CAR SERVICING SYSTEM PROJECT REPORT.pdfONLINE CAR SERVICING SYSTEM PROJECT REPORT.pdf
ONLINE CAR SERVICING SYSTEM PROJECT REPORT.pdf
 
Electrostatic field in a coaxial transmission line
Electrostatic field in a coaxial transmission lineElectrostatic field in a coaxial transmission line
Electrostatic field in a coaxial transmission line
 
HYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generationHYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generation
 
Hall booking system project report .pdf
Hall booking system project report .pdfHall booking system project report .pdf
Hall booking system project report .pdf
 
KIT-601 Lecture Notes-UNIT-5.pdf Frame Works and Visualization
KIT-601 Lecture Notes-UNIT-5.pdf Frame Works and VisualizationKIT-601 Lecture Notes-UNIT-5.pdf Frame Works and Visualization
KIT-601 Lecture Notes-UNIT-5.pdf Frame Works and Visualization
 
NO1 Pandit Amil Baba In Bahawalpur, Sargodha, Sialkot, Sheikhupura, Rahim Yar...
NO1 Pandit Amil Baba In Bahawalpur, Sargodha, Sialkot, Sheikhupura, Rahim Yar...NO1 Pandit Amil Baba In Bahawalpur, Sargodha, Sialkot, Sheikhupura, Rahim Yar...
NO1 Pandit Amil Baba In Bahawalpur, Sargodha, Sialkot, Sheikhupura, Rahim Yar...
 
NO1 Pandit Black Magic Removal in Uk kala jadu Specialist kala jadu for Love ...
NO1 Pandit Black Magic Removal in Uk kala jadu Specialist kala jadu for Love ...NO1 Pandit Black Magic Removal in Uk kala jadu Specialist kala jadu for Love ...
NO1 Pandit Black Magic Removal in Uk kala jadu Specialist kala jadu for Love ...
 
ASME IX(9) 2007 Full Version .pdf
ASME IX(9) 2007 Full Version .pdfASME IX(9) 2007 Full Version .pdf
ASME IX(9) 2007 Full Version .pdf
 
AI for workflow automation Use cases applications benefits and development.pdf
AI for workflow automation Use cases applications benefits and development.pdfAI for workflow automation Use cases applications benefits and development.pdf
AI for workflow automation Use cases applications benefits and development.pdf
 
A CASE STUDY ON ONLINE TICKET BOOKING SYSTEM PROJECT.pdf
A CASE STUDY ON ONLINE TICKET BOOKING SYSTEM PROJECT.pdfA CASE STUDY ON ONLINE TICKET BOOKING SYSTEM PROJECT.pdf
A CASE STUDY ON ONLINE TICKET BOOKING SYSTEM PROJECT.pdf
 
ENERGY STORAGE DEVICES INTRODUCTION UNIT-I
ENERGY STORAGE DEVICES INTRODUCTION UNIT-IENERGY STORAGE DEVICES INTRODUCTION UNIT-I
ENERGY STORAGE DEVICES INTRODUCTION UNIT-I
 
Courier management system project report.pdf
Courier management system project report.pdfCourier management system project report.pdf
Courier management system project report.pdf
 
Democratizing Fuzzing at Scale by Abhishek Arya
Democratizing Fuzzing at Scale by Abhishek AryaDemocratizing Fuzzing at Scale by Abhishek Arya
Democratizing Fuzzing at Scale by Abhishek Arya
 

DevOps or DevSecOps