Download as PDF, PPTX
DevSecOPs Summary and Steps involved in Secure SDLC
- 1.
- 2. About me Currently servingas a Senior DevSecOps Engineer with a wealth of experience spanning 10 years across diverse domains including System Administration, Network Security, and Penetration Testing. Possess expert-level proficiency in a wide array of DevOps and Security tools, demonstrating a comprehensive understanding of their applications and functionalities. https://www.linkedin.com/in/rmr9
- 3. Agenda 1. Introduction to DevOpsvs DevSecOps: 2. SDLC vs Secure SDLC: 3. Roles and Responsibilities of DevSecOps Engineers in Enterprise Environment: 4. Threat Modeling in Design/Plan Stages: 5. Lab Setup with Jenkins, Docker, Github, GIt 6. Static Application Security Testing (SAST) and its Tools: 7. Software Composition Analysis (SCA) and its Tools: 8. Dynamic Application Security Testing (DAST) and its Tools: 9. Container Security Basics and its Tools: 10. Infrastructure as Code (IaC) Basics and its Tools: 11. Understanding CWE, CVE, and CVSS: 12. False Positive Analysis: Report Security Vulns in JIRA Two IDE plugins along with Tools demo 13. Walkthrough from Developers and Scoping Call: 14. Interview Questions and Mock Interview: 15. How to Find a Job in Cybersecurity Thank YOU
- 4. Pipeline Stages andSecurity integration
- 5. Why should youtake this? 1. Comprehensive Security Testing Methodologies 2. Robust CI/CD Pipeline Implementation 3. Infrastructure as Code (IAC) Scanning Techniques 4. Collaborative Cross-Functional Communication 5. Automation and Scripting for DevSecOps 6. Threat Modeling and Security Awareness Sessions 7. Ongoing DevSecOps Pipeline Maintenance 8. Career Guidance and Resume preparation 9. Job Placement Assistance 10. You can attend the interviews by yourself 11. Continuing Education Guidance
- 6.