Download as PDF, PPTX
![resource "aws_s3_bucket" "app" {
count = "${var.create_app ? 1 : 0}"
bucket = "${var.name}.${var.domain}"
acl = "private"
website {
index_document = "index.html"
error_document = "index.html"
}
policy = <<EOF
{
"Version": "2008-10-17",
"Statement": [
{
"Sid": "PublicReadForGetBucketObjects",
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::${var.name}.${var.domain}/*"
}
]
}
EOF
lifecycle {
prevent_destroy = true
}
tags {
solution = "apps"
}
}
resource "aws_s3_bucket" "next_app" {
count = "${var.create_next_app ? 1 : 0}"
bucket = "next-${var.name}.${var.domain}"
acl = "private"
website {
index_document = "index.html"
error_document = "index.html"
}
Honey Tokens](https://image.slidesharecdn.com/petkopetkovslides-181024130309/85/DevSecCon-London-2018-Open-DevSecOps-43-320.jpg)
![resource "aws_s3_bucket" "app" {
count = "${var.create_app ? 1 : 0}"
bucket = "${var.name}.${var.domain}"
acl = "private"
website {
index_document = "index.html"
error_document = "index.html"
}
policy = <<EOF
{
"Version": "2008-10-17",
"Statement": [
{
"Sid": "PublicReadForGetBucketObjects",
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::${var.name}.${var.domain}/*"
}
]
}
EOF
lifecycle {
prevent_destroy = true
}
tags {
solution = "apps"
}
}
resource "aws_s3_bucket" "next_app" {
count = "${var.create_next_app ? 1 : 0}"
bucket = "next-${var.name}.${var.domain}"
acl = "private"
website {
index_document = "index.html"
error_document = "index.html"
}
Dark Nets](https://image.slidesharecdn.com/petkopetkovslides-181024130309/85/DevSecCon-London-2018-Open-DevSecOps-45-320.jpg)
![resource "aws_s3_bucket" "app" {
count = "${var.create_app ? 1 : 0}"
bucket = "${var.name}.${var.domain}"
acl = "private"
website {
index_document = "index.html"
error_document = "index.html"
}
policy = <<EOF
{
"Version": "2008-10-17",
"Statement": [
{
"Sid": "PublicReadForGetBucketObjects",
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::${var.name}.${var.domain}/*"
}
]
}
EOF
lifecycle {
prevent_destroy = true
}
tags {
solution = "apps"
}
}
resource "aws_s3_bucket" "next_app" {
count = "${var.create_next_app ? 1 : 0}"
bucket = "next-${var.name}.${var.domain}"
acl = "private"
website {
index_document = "index.html"
error_document = "index.html"
}
Recon](https://image.slidesharecdn.com/petkopetkovslides-181024130309/85/DevSecCon-London-2018-Open-DevSecOps-47-320.jpg)
Uploaded byDevSecCon
DevSecCon London 2018: Open DevSecOps
The document discusses the evolution and principles of DevSecOps, emphasizing the need to incorporate open practices back into the model. It highlights various tools and strategies for security in software development, including the use of AWS resources, continuous integration, and emerging trends like bug bounties and pentesting. The content also addresses the goal of creating self-governing, self-healing, and self-defending systems.
More Related Content
Similar to DevSecCon London 2018: Open DevSecOps
DevSecCon London 2018: Open DevSecOps
- 1. LONDON 18-19 OCT2018 Open DevSecOps PETKO D. PETKOV
- 2.
- 3.
- 4.
- 6. You have toknow the past to understand the present. Carl Sagan
- 8.
- 9.
- 10.
- 11.
- 12.
- 13.
- 14. Pentesting Vuln ProgramsBug Bounties DevSecOps
- 15. Pentesting Vuln ProgramsBug Bounties DevSecOps 2002 2007 2012 2018 5
- 16.
- 18.
- 20.
- 21.
- 22. Code Build TestDeploy Monitor
- 23. Code Build TestDeploy Monitor
- 24.
- 26.
- 27.
- 28. Open DevSecOps Putting “Open”back into the DevSecOps Model
- 29. Code Build TestDeploy Monitor
- 30. Code Build TestDeploy Monitor ? ? ? ?
- 31. DEV Tools Static SourceCode Scanner Dynamic Application Scanner
- 32. Infrastructure It is alsoexpressed in code these days
- 34.
- 35. Open DevSecOps Putting “Open”back into the DevSecOps Model
- 36.
- 37.
- 39.
- 41.
- 42.
- 43. resource "aws_s3_bucket" "app"{ count = "${var.create_app ? 1 : 0}" bucket = "${var.name}.${var.domain}" acl = "private" website { index_document = "index.html" error_document = "index.html" } policy = <<EOF { "Version": "2008-10-17", "Statement": [ { "Sid": "PublicReadForGetBucketObjects", "Effect": "Allow", "Principal": { "AWS": "*" }, "Action": "s3:GetObject", "Resource": "arn:aws:s3:::${var.name}.${var.domain}/*" } ] } EOF lifecycle { prevent_destroy = true } tags { solution = "apps" } } resource "aws_s3_bucket" "next_app" { count = "${var.create_next_app ? 1 : 0}" bucket = "next-${var.name}.${var.domain}" acl = "private" website { index_document = "index.html" error_document = "index.html" } Honey Tokens
- 44.
- 45. resource "aws_s3_bucket" "app"{ count = "${var.create_app ? 1 : 0}" bucket = "${var.name}.${var.domain}" acl = "private" website { index_document = "index.html" error_document = "index.html" } policy = <<EOF { "Version": "2008-10-17", "Statement": [ { "Sid": "PublicReadForGetBucketObjects", "Effect": "Allow", "Principal": { "AWS": "*" }, "Action": "s3:GetObject", "Resource": "arn:aws:s3:::${var.name}.${var.domain}/*" } ] } EOF lifecycle { prevent_destroy = true } tags { solution = "apps" } } resource "aws_s3_bucket" "next_app" { count = "${var.create_next_app ? 1 : 0}" bucket = "next-${var.name}.${var.domain}" acl = "private" website { index_document = "index.html" error_document = "index.html" } Dark Nets
- 46.
- 47. resource "aws_s3_bucket" "app"{ count = "${var.create_app ? 1 : 0}" bucket = "${var.name}.${var.domain}" acl = "private" website { index_document = "index.html" error_document = "index.html" } policy = <<EOF { "Version": "2008-10-17", "Statement": [ { "Sid": "PublicReadForGetBucketObjects", "Effect": "Allow", "Principal": { "AWS": "*" }, "Action": "s3:GetObject", "Resource": "arn:aws:s3:::${var.name}.${var.domain}/*" } ] } EOF lifecycle { prevent_destroy = true } tags { solution = "apps" } } resource "aws_s3_bucket" "next_app" { count = "${var.create_next_app ? 1 : 0}" bucket = "next-${var.name}.${var.domain}" acl = "private" website { index_document = "index.html" error_document = "index.html" } Recon
- 48. Top10 Dynamic Security Scanner Static Code Analysers AuxiliaryTools Terraform Modules CloudFormation Stacks Research Papers Scripts Log Aggregation SIEM FW
- 49. The goal isthe goal
- 50. Shift to theleft Pentesting / Red Team Vuln Research Bug Hunting
- 51. 1. Self-governing 2. Self-healing 3.Self-defending
- 52. 1. Self-governing 2. Self-healing 3.Self-defending
- 53. 1. Self-governing 2. Self-healing 3.Self-defending
- 54. 1. Self-governing 2. Self-healing 3.Self-defending
- 55. @pdp GNUCITIZEN / WEBSECURIFY/ SECAPPS
- 56. LONDON 18-19 OCT2018 ¯_(ツ)_/¯