The document discusses the structure and competency areas of the Digital and Business Operations Body of Knowledge (DPBOK). It describes how DPBOK is structured into four contexts representing different stages of organizational evolution: individual/founder, team, team of teams, and enduring enterprise. Each context contains competency areas that decompose the skills needed. Context I focuses on competencies for an individual/founder and includes digital fundamentals, digital infrastructure, and application delivery. Digital fundamentals covers understanding digital value methods, contexts and lifecycles. Digital infrastructure discusses IT components, virtualization, containers, cloud-native architectures and configuration management. Application delivery outlines agile development practices and application architectures like microservices and APIs.

1. Context I – Individual/Founder

2. DPBOK
let’s Play A Game !!

3. DPBOK Structure
Organizational evolution Context

4. DPBOK IS STRUCTURED INTO 4 CONTEXT FROM STARTUP REQUIRED COMPENACIES
THROUGN TEAM FORMULATION, SCALED TEAMS TO ENDURING ENTERPRISE …
organizational Evolution Context
Individual
Founder
Team
Enduring
Enterprise
Team of
Teams
I II III IV
Represent the bare
minimum requirements of
delivering digital value
- Conception of digital
value
- Digital infrastructure
practices
- Agile development and
continuous delivery
practices
The collaboration level
represents the critical
team-level experience
- Team collaboration
guiding principles
- Digital product
development
- Insights of agile
movement
- Lean themes
Coordination across the
team of teams to ensure
alignment and joint
execution
- Coordination
mechanisms (ITSM)
- Investment and
sourcing (PM)
- Organizational and
cultural factors
Growing enterprise
through feedback
mechanisms , manage
risk and performance at
scale
- GRC & Security
- Information Mgmt.
- Architecture and
Portfolio Mgmt.

5. … EACH CONTEXT IS DECOMPOSTED INTO A SET OF COMPETANCY AREAS WITH
OVERALL 12 AREAS PER ALL CONTEXTS
DPBOK Competency Areas
Founder
Enduring
EnterpriseTeam
Team
of Teams
Digital
Fundamentals
Product
Management
Coordination &
Process
GRC &
Security
Digital
Instrastructure
Application
Delivery
Work
Management
Operations
Management
Information
Management
Architecture
Investment &
Portfolio
Organization &
Culture
1 1
0
2
3
4
5
6
7
8
9
1
1
1
2

6. Enduring
EnterpriseTeam
Team
of Teams
Product
Management
Coordination &
Process
GRC and Security
Work Management
Operations
Management
Information
Management
Architecture
Investment &
Portfolio
Organization &
Culture
Founder
Digital
Fundamentals
Digital
Instrastructure
Application
Delivery
Understand how value proposition
is being generated direct/indirect
through digital products
Understand how underlaying IT
service is operated
Understand the basics of modern
application delivery to effectively
manage digital sourcing and operations
1
2
3
DPBOK Competency Areas – Context I

7. DPBOK Structure
IT4IT Mapping

8. IT4IT REFERENCE ARCHITECTURE L1

9. Context I Mapping – Founder/Individual
DPBOK COMPETANCY AREAS ARE MAPPED TO IT4IT FUNCTIONAL CAPABILITIES FROM
VARIOUS VALUE STREAMS

10. A Founder/Individual Context
▷Digital Fundamentals
▷Digital Infrastructure
▷Application Delivery

11. CONTEXT I
1
Digital Fundamentals
Digital
Context
Digital
Value Methods
Digital
Lifecycle

12. DIGITAL SERVICE CAN TAKE 3 DIFFERENT FACING STYLES WHEN INTERACTING
WITH ITS BENEFICIARY
Digital Context – Digital Services types
Market & Consumer-Facing
- Directly market and consumer-
facing
- Used by external consumers
- Paid for by either them or closely
associated customers
Customer “Supporting”
- Customers do not interact
directly with such systems
- Customer-facing representatives
interact with these systems
- problems with such systems may
be readily apparent to the end
customer
Completely “back-office” systems
- Facebook®, LinkedIn®
- Netflix®
- online banking system
- Online system that a bank teller
uses when interacting with a
customer
- Human resources
- Payroll
- Marketing
- … etc.
Back-Office1 2 3
1

13. PEOPLE REACT IN A DIFFERENT MANNER TO A NEW DIGITAL SERVICES, SO TECHNOLOGY
ADOPTION CURVE AIMS FOR UNDERSTAND OF THESE BEHAVIOURS
Digital Context - Technology Adoption Categories
Innovators: venturesome risk-takers
Early adopters: opinion leaders
Early majority: deliberative, numerous
Late majority: skeptical, also numerous
Laggards: traditional, isolated, conservative
1
2
3
4
5
1

14. FOR STARTUPS, POSTITIONING DIGITAL PRODUCTS IS CRITICAL BECAUSE EACH MARKET
SEGMENT HAS DIFFERENT RATES OF CUSTOMER ADOPTION & ACCEPTANCE …
Digital Context – The four types of startups
Startups that are entering an existing market
Startups that are creating an entirely
new market
Startups that want to re-segment an
existing market as a low-cost entrant
Startups that want to re-segment an
existing market as a niche player
1
2
3
4
3 4
21
EXISTING MARKET
1

15. … ANOTHER, WELL-KNOWN CATEGORIZATION OF COMPETITIVE STRATEGIES
Digital Context – Categories for Competitive Strategy
Customer
Intimacy
Product
Leadership
Operational
Excellence
Nordstrom Apple Dell Technologies
Home Depot Nike Wal-Mart
Customer intimacy
Product leadership
Operational excellence
1
2
3
1

16. TO UNDERSTAND IT VALUE, IT IS ESSENTIAL TO UNDERSTAND KEY STAKEHOLDERS
AND THEIR PRESEPTIVES AND MOTIVATION
Digital Context – Stakeholders Types
Consumer
- The person actually interacting
with the IT or digital service
(The end user)
Customer
- source of revenue for the service
- If the service is part of a profit
center, the customer is the
person actually purchasing the
product
- If the service is part of a cost
center (e.g., a human resources
system), the customer is best
seen as an internal executive
The person who authorizes and
controls the funding used to
construct and operate the service
Sponsor
1
1 2 3

17. A SET OF APPROCHES CAN BE USED TO BRIDGE FROM UNDETSTANDING OF PRODUCT
CONTEXT, TO AN EFFECTIVE VISION FOR BUILDING AND SUSTAINING A PRODUCT
Digital value methods
Busines Model Canvas Business Case analysis Lean Startup1 2 3
1

18. BUSINESS MODEL CANVAS (BMC) IS A SHARED LANGUAGE FOR DESCRIBING, VISUALIZING,
ASSESSING, AND CHANGING BUSINESS MODELS, THAT IS USED FOR COLLABORATIVE
PLANNING TO DELVIER THE VALUE PROPOSITION
Digital Value Methods – Business Model Canvas
1

19. A BUSINESS CASE ANALYSIS (BCA) PROVIDES A BEST-VALUE ANALYSIS THAT CONSIDERS
NOT ONLY COST, BUT OTHER QUANTIFIABLE AND NON-QUANTIFIABLE FACTORS
SUPPORTING AN INVESTMENT DECISION
Digital Value Methods – Business Case Analysis
used in the initial decision to invest in a project
Guides the decision to select among alternative
approaches
used to validate any proposed scope, schedule, or
budget changes during the course of the project
sed to identify the various budget accounts and
amounts affected by the various product support
strategies
used to validate that planned benefits are realized
at the completion of the project.
When to Use BCA
1

20. A WIDE VARIETY OF ANALYSIS TECHNIQUES USED FOR MAKING A BUSINESS CASE
AT A MORE DETAILED LEVEL
Digital Value Methods – Business Case Analysis Techniques
Breakeven analysis
Cause-and-effect analysis
Cost/benefit analysis
Value chain analysis
Investment opportunity analysis
Pareto analysis
Payback analysis
Sensitivity analysis
Trend analysis
1
2
3
4
5
6
7
8
9
1

21. LEAN STARTUP IS AN ITERATIVE, “BUILD-MEASURE-LEARN” CYCLE THAT IS
ESSENTIAL PROCESS OF BUILDING A SUCCESSFUL STARTUP
Digital Value Methods – Lean Startup
Develop an idea
for MVP
Measure its
effectiveness in
the market
(internal/external)
Learn from the
experiment
Decide to persevere or
pivot (change direction
while leveraging
momentum)
New idea development,
evolution of MVP
1
2
3
4
5
1

22. THE DIGITAL SERVICE MAY CONTAIN GREAT COMPLEXITY, BUT PART OF ITS
SUCCESS LIES IN SHIELDING THE USER FROM THAT COMPLEXITY
Digital stack supports the moment of truth
User’s outcome , their
experience of value
Layered structure of
technology
1

23. DIGITAL PRODUCTS IS TRANSITIONED FROM DEVELOP IDEA FOR IT-ENABLED VALUE
PROPOSITION TO ULTIMATE OPERATION SUPPORT AND RETIREMENT
Digital Lifecycle - Digital Product States (Inspire to Retire)
1

24. THE STATE TRANSITION FOR DIGITAL PRODUCTS EVLOVES OVER TIME, THROUGH
MANY ITERATIONS OF IMPROVEMENT CYCLE …
Digital Lifecycle - Digital Service Lifecycle
1

25. … WHILE PRODUCT EVLOUTION FLOWS FROM ISPIER TO RETIRE, A DAY-TO-DAY
VALUE INCREMENT FLOWS UP THROUGH THE DIGITAL STACK
Digital Lifecycle - The Dual Axis Value Chain
1

26. THREE CORE DEVOPS PRINCIPLES ARE APPLICABLE AT THE EARLIEST STAGES OF
THE DIGITAL PRODUCT
Digital Lifecycle – 3 Ways of DevOps
Flow
Feedback
Continuous Learning
1

27. CONTEXT I
Digital Infrastructure
2
IT Infrastructure
Components
Virtualization
Cloud Services
Configuration
Management
Securing
Infrastructure

28. THERE ARE 3 MAJOR PHSICAL ASPECTS OF IT INFRASTURCUTER RELEVANT TO THE
DIGITAL PRACTITIONER
Definition: “The resource that
performs the rapid, clock-driven
digital logic that transforms data
inputs to outputs”
Data processing or state change:
Move data somewhere, operate it,
return to original location required
energy and bound up to physical
reality and laws of thermodynamics
[Compute processing is not free]
We must pay for computing , even
running the simplest calculation has
physical and economic cost
Definition: “The act of computation
that is bound up with the concept of
state”
No Need to concerned with physical
infra. used for storing data:
Storage increasingly is experienced as
a virtual resource, accessed through
executing programmed logic on cloud
platforms
Storage has different levels
of speed and accessibility:
- On-chip registers and cache
- RAM,
- Online mass storage [disk]
- Offline mass storage [tape]
Definition: “The basic concern of
Networking is to transmit data (or
information) from one location to
another
Developer uses programmatic tools to
define expected information
transmission not concerned with the
network technologies serving their
needs
Hierarchy of networking:
- Intra-chip pathways
- Motherboard and backplane
circuits
- Local area networks
- Wide area networks
- Backbone networks
Compute NetworkStorage
Digital infrastructure – IT Infrastructure components
2

29. 2
VIRTUALIZATION USES HYPERVISOR TO CONTROL PHYSICAL RESOURCES BY
EMULATING ANY NUMBER OF VIRTUAL MACHINES (VMs), EACH HAS ITS OWN OS
Virtualization - Hypervisor
Virtualization is Computers within a Computer

30. VIRTUALIZZTION ATTRACTS BUSINESS ATTENTION AS A MEANS TO CONSOLIDATE
COMUPTING WORKLODAS
Virtualization - Utilization Efficiency
Inefficient Utilization Virtualization Efficiency
2

31. HYPERVISOR MEDIATES “VIRTUAL MACHINE” ACCESS TO ACTUAL PHYSICAL
HARDWARE AND INTERACT WITH VARIOUS INTERFACES JUST LIKE THE MASTER OS
Virtualization Types
2

32. CONTAINERS (PARAVIRTUALIZATION) HAVE EMERGED AS A POWERFUL AND
CONVENIENT TECHNOLOGY FOR MANAGING VARIOUS WORKLOADS
Containers VS Virtual Machines
CONTAINERS
- Abstraction at the app layer
- packages code and dependencies
together.
- Multiple containers can run on the same
machine and share the OS kernel with
other containers,
- Each running as isolated processes in user
space.
- Containers take up less space than VMs
- Container images are typically tens of MBs
in size)can handle more applications and
require fewer VMs and Operating systems.
VIRTUAL MACHINES
- Abstraction of physical hardware turning
one server into many servers.
- The hypervisor allows multiple VMs to run
on a single machine.
- Each VM includes a full copy of an
operating system, the application,
necessary binaries and libraries - taking up
tens of GBs.
- VMs can also be slow to boot.
2

33. ARCHITECTURES BASED ON CONTAINERS RUNNING IN CLOUD PLATFORMS, WITH STRONG
API PROVISIONING AND INTEGRATED LOAD BALANCING AND AUTOSCALING, ARE CALLED
"CLOUD-NATIVE"
Cloud-Native Architecture
2

34. KUBERNETES IS AN OPEN SOURCE ORCHESTRATION PLATFORM THAT PROVIDES A
STANDARDIZED CONTROL PLANE FOR CONTAINERS (PARAVIRTUAILZATION)
Cloud-Native computing Kubernetes
Pods: group containers
Services: a set of pods supporting a
common set of functionality
Volumes: define persistent storage
coupled to the lifetime of pods
(therefore lasting across container lifetimes)
Namespaces: in Kubernetes (as in
computing generally) provide mutually-
exclusive labeling to partition resources
1
2
3
4
2

35. KUBERNETES MANAMGENET IS PERFORMED VIA A MASTER CONTROLLER WHICH
SUPERVISEES THE KUBERNETES NODES
Kubernetes Cluster Architecture
API server: The primary communication
point for provisioning and control requests
Controller manager: Manage state of
the cluster against policies; seeks to
continually converge actual state of the
cluster with intended (policy-specified) state
Scheduler: Manages the supply of
computing resources to the stated
(policy-drive) demand
1
2
3
Kubelet: for managing nodes and containers Kube-proxy: for services and traffic management4 5
2

36. CLOUD COMPUTING PROVIDES THE MEDIUM TO RUN IT AS A UTILTIY SERVICE IN A
FULLY AUTOMATED FASHION WITH PAY-AS-YOU-GO CONCEPT
Cloud Services
2

37. IaC DEFINES AN APRPOACH TO INFRASTRUCUTRE AUTOMATION BASED ON
PRACTICIES FROM SOFTWARE DEVELOPMENT
Configuration Management – Infrastructure as Code
2

38. CM CONSISTS OF VC WHICH MANAGE THE STATE OF ARTIFACTS AND D&O WHICH MANAGE
ARTIFACTS COMBINATION WITH REQUIRED RESORUCES TO ENSURE VALUE DELIVERY
Configuration Management
[CM]
[VC]
[D&O]
2

39. VERSION CONTROL WORKS LIKE AN ADVANCED FILE SYSTEM WITH A MEMORY
WHICH REMEMBER ALL CAHGNES FOR ITS CONTENT
Configuration Management – Version Control
Version Control
Source
Control
Package
Management
Change History + Version Comparison + Restore Backup
2

40. SOURCE CONTROL USED AS REPOSITORY TO STORE VERSIONS, CONTROL VERSIONS
HISTORY AND ANALYZE DIFFERENCES OF TEXTUAL-BASED ARTIFACTS
Configuration Management – Source Control
2

41. COMMIT IS USED TO RECORD CHANGE TO SOURCE CONTROL REPOSITORY AND
SET THE FOUNDATIONS FOR IT MANAGEMENT & GOVERNANCE
Configuration Management – The "Commit” Concept
2

42. BRANCH IS AN EXPERIMENTAL VERSION, COMPLETELY SEPERATED FROM THE MASTER
VERSION SO THAT VARIOUS AMENDMENTS CAN BE TRIED WTIHOUT COMPROMISING THE
OVERALL SYSTEM STABILITY
Configuration Management – The “Branch” Concept
2

43. SOURCE CONTROL ARTIFCATS IS COMPILED AND ORGANIZED INTO DEPLOYABLE
ASSETS OFTEN CALLED “PACKAGES”
Configuration Management – Package Management
2

44. TO LEVERAGE GOVERNANCE & CONTORL EFFORTS, COMPILED PACKAGES SHOULD
BE STORED INTO DIFFERENT REPOSITORY THAN TEXTUAL-BASED ARTIFACTS
Configuration Management – Version Control Types
Common Version Control Separate Version Control
2

45. SECURING INFRASTURCUTRE IS CRITICAL TO DIGITAL PRODUCT DELIVERY THAT
FOCUS ON PHYSICAL SECUIRTY, NETWORK, CORE OS AND CLOUD ISSUES
Securing Infrastructure - Security Hierarchy
2

46. CONTEXT I
Application Delivery
3
ALM Basics
Agile Development
DevOps
API, Microservice &
Cloud-Native
Secure Apps,
Digital Products

47. SDLC DESCRIBE THE FUNDAMENTAL PHASES OF SOFTWARE DEVELOPMENT CYCLE
THAT INCREASINGLY AUTOMATED BY VARIOUS PRACTICES
ALM Basics
Understanding intended outcome
Analyzing and designing the "solution"
that can support the outcome
Building the solution
Evaluating whether the solution supports the
intended outcome (usually termed "testing")
1
2
3
4
Delivering or transitioning the solution into
a state that delivering the intended outcome
5
3

48. WATERFALL LIFECYCLE AND V-MODEL REPRESENT TRANDITINOAL APPROCHES
FOR SDLC
Waterfall lifecycle & V-Model
3

49. AGILE IS A WIDELY USED PRACTICE THAT PIONEER THE CONCEPTS OF ITERATIVE,
FAST-CYCEL DEVELEPMENT AND ONGOING STAKEHOLDER FEEDBACK
Agile Values
3

50. AGILE FOLLOWS 12 PRINCIPLES TO GUIDE AND SUSTAIN SOFTWARE
DEVELOPMENT PRACTICES …
Agile Principles
3

51. … AND DELIVER SMALLER BATCHES OF COMPLETE FUNCTIONALITY THAT
MINIMIZE THE OVERALL SOFTWARE DEVELOPMENT RISK
Waterfall Risk vs Agile Risk
3

52. DEVOPS IS A BROAD TERM, ENCOMPASSING PRODUCT MANAGEMENT,
CONTINUOUS DELIVERY, ORG. STRUCTURE, TEAM BEHAVIOUR & CULTURE
Agile/DevOps Practices
Test-driven development
Ongoing refactoring
Continuous Integration
Continuous Delivery
Continuous Delivery Pipeline
Release management
1
2
3
4
5
6
3

53. THE CONTINUOUS DELIVERY PIPELINE (CDP) REPRESENTS THE WORKFLOWS, ACTIVITIES &
AUTOMATION NEEDED TO SPONSOR A NEW PIECE OF FUNCTIONALITY FROM IDEATION TO
AN ON-DEMAND RELEASE OF VALUE TO THE END USER
DevOps – continuous delivery toolchain
Potential value
identified
Refined into
product feature
1

54. TEST DRIVEN DEVELOPMENT (TDD) IS AN SOFTWARE DEVELOPMENT APPROACH IN WHICH
A TEST IS WRITTEN BEFORE WRITING THE CODE. ONCE THE NEW CODE PASSES THE TEST, IT
IS REFACTORED TO AN ACCEPTABLE STANDARD
DevOps – Test-driven development 2

55. TEST-DRIVEN DEVELOPMENT REVERSES TRADITIONAL DEVELOPMENT AND TESTING
DevOps – Test-driven development 2

56. ONGOING REFACTORING IS INTENDED TO IMPROVE THE DESIGN, STRUCTURE, AND/OR
IMPLEMENTATION OF THE DIGITAL PRODUCT (ITS NON-FUNCTIONAL ATTRIBUTES), WHILE
PRESERVING ITS FUNCTIONALITY (REFACTORING IS HOW TECHNICAL DEPT IS ADDRESSED)
DevOps – Ongoing Refactoring 3

57. ONGOING REFACTORING IS INTENDED TO IMPROVE THE DESIGN, STRUCTURE, AND/OR
IMPLEMENTATION OF THE DIGITAL PRODUCT (ITS NON-FUNCTIONAL ATTRIBUTES), WHILE
PRESERVING ITS FUNCTIONALITY (REFACTORING IS HOW TECHNICAL DEPT IS ADDRESSED)
DevOps – Ongoing Refactoring 3

58. CONTINUOUS INTEGRATION (CI) IS A DEVOPS PRACTICE WHERE DEVELOPERS REGULARLY
MERGE THEIR CODE CHANGES INTO A CENTRAL REPOSITORY AT A FREQUENT
INTERVAL OF TIME
DevOps – Continuous Integration
MergeHellCatchErrorsQuickly
HugeChangesSmallChanges
4

59. CONTONIUS INTEGRATION (CI) AIMS TO CONTROL SIMULTANEOUS CHANGES AND
CONFIRM THAT ALL PARTS ARE WORKING CORRECTLY TOGETHER
DevOps – Big Bang vs Continuous Integration
Big
Bang
Continuous
Integration
4

60. CONTINOUS DELIVERY IS A DEVOPS PRACTICE IN WHICH EVERY CODE CHANGE IS BUILT,
TESTED, AND THEN PUSHED TO A NON-PRODUCTION TESTING OR STAGING ENVIRONMENT
DevOps – Continuous Delivery 5

61. CONTINUOUS DELIVERY IS A BEING READY STATE AND ABLE TO RELEASE ANY VERSION AT
ANY TIME ON ANY PLATFORM, WHEREAS CONTINUOUS DEPLOYMENT IS BEING ABLE TO
CONTINUALLY DEPLOY TO PRODUCTION AUTOMATICALLY WITHOUT EXPLICIT APPROVAL
DevOps – Continuous Delivery vs Continuous deployment 5

62. RELEASE IS A SIGNIFICANT EVOLUTION IN AN IT SERVICE, OFTEN BASED ON NEW SYSTEMS
DEVELOPMENT, COORDINATED WITH AFFECTED SERVICES AND STAKEHOLDERS
DevOps – Release 6
Coordinate the assembly of IT functionality into a
coherent whole and deliver this package into a state
in which the customer is getting the intended value
Release management

63. CLOUD-NATIVE TECHNOLGIIES (CN) EMPOWER ORGANIZATIONS TO BUILD AND
RUN SCALABLE APPLICATIONS IN MODERN, DYNAMIC ENVIRONMENTS
Cloud-Native (CN) Technologies
CN Enable loosely-coupled systems that are
resilient, manageable, and observable.
Combined with robust automation
Allow engineers to make high-impact changes
frequently and predictably with minimal toil
Cloud-native technologies such as public,
private, and hybrid clouds. Containers, service
meshes, microservices, immutable infrastructure,
and declarative APIs exemplify this approach.
1
2
3
3

64. API IS THE PUBLIC ENTRY POINT IN AND OUT OF A SOFTWARE COMPONENT,
WHICH OPERATES AT DIFFERENT LEVELS OF THE DIGITAL STACK
CN Technologies - API’s
3

65. MICROSERVICES ARE SMALL, AUTONMOUS SERVICES THAT WORK TOGETHER AS
COHESIVE WHOLE
CN Technologies – Microservices benefits
Technology Flexibility
Microservices may be written in any language and yet communicate over common protocols
and be managed in a common framework
Resilience Failure of one microservice should not result in failure of an entire digital product
Scalability
monolithic applications typically must be scaled as one unit; with microservices, just those
units under higher load can have additional capacity allocated
Ease of deployment because microservices are small and loosely coupled, change is less risky
Organizational
alignment
large, monolithic codebases often encounter issues with unclear ownership; microservices are
typically each owned by one team
Composability
microservices can be combined and re-combined ("mashed up") in endless variations, both
within and across organizational boundaries
Replaceability
Because they are loosely coupled and defined by their APIs, a microservice can be replaced
without replacing the rest of a broader system
1
2
3
4
5
6
7
3

66. MICROSERVICES ARE SMALL, AUTONMOUS SERVICES THAT WORK TOGETHER AS
COHESIVE WHOLE
CN Technologies – Uber Microservices Arch.
3

67. MICROSERVICES ARE SMALL, AUTONMOUS SERVICES THAT WORK TOGETHER AS
COHESIVE WHOLE
CN Technologies – Eshop Microservices Arch.
3

68. THE 12-FACTOR APP IS A METHODOLOGY FOR BUILDING SaaS APPS THAT CONSIDERED
AS A GOOD PRACTICE ASSOCIATED WITH MICROSERVICES SUCCESS
12 Factor Apps
3

69. APPLICATION SECURITY INCLUDES A WIDE RANGE OF SPECIALIZED AREAS, INCLUDING
SECURE SOFTWARE DESIGN AND DEVELOPMENT, THREAT MODELING, VULNERABILITY
ASSESSMENT, PENETRATION TESTING AND DEVOPS SECURITY
Secure Apps & Digital Products - SSDLC
A basic approach to secure design and development
will include these phases: Training – Define – Design –
Develop – Test.
The SSDLC Process define how to integrate security
into the software development process.
SSDLC (Secure Software Development lifecycle) is a
process model used by organizations to build secure
applications.
Security training
& awareness
Security
requirements
Secure by
design
Secure
implementation
& Coding
Application
security testing
Security review
& Response
Plan
Security
maintenance
Secure SDLC
3

70. “
To Be continue .. ☺

71. Thanks!
Any questions?
You can find me at:
eng.mohamedzakarya@gmail.com
Mohamed Zakarya Abdelgawad