Implementing DevSecOps Practices: Supercharge your software security with DevSecOps excellence


Implementing DevSecOps Practices: Supercharge your software security with DevSecOps excellence
Author: Vandana Verma Sehgal (Author)
Publisher finelybook 出版社:‏ Packt Publishing
Publication Date 出版日期:‏ 2023-12-22
Language 语言: English
Print Length 页数: 258 pages
ISBN-10: 1803231491
ISBN-13: 9781803231495

Book Description

Get to grips with application security, secure coding, and DevSecOps practices to implement in your development pipeline


Key Features:


  • Understand security posture management to maintain a resilient operational environment
  • Master DevOps security and blend it with software engineering to create robust security protocols
  • Adopt the left-shift approach to integrate early-stage security in DevSecOps
  • Purchase of the print or Kindle book includes a free PDF eBook


Book Description

:


DevSecOps is built on the idea that everyone is responsible for security, with the goal of safely distributing security decisions at speed and scale to those who hold the highest level of context. This practice of integrating security into every stage of the development process helps improve both the security and overall quality of the software. This book will help you get to grips with DevSecOps and show you how to implement it, starting with a brief introduction to DevOps, DevSecOps, and their underlying principles.


After understanding the principles, you’ll dig deeper into different topics concerning application security and secure coding before learning about the secure development lifecycle and how to perform threat modeling properly. You’ll also explore a range of tools available for these tasks, as well as best practices for developing secure code and embedding security and policy into your application. Finally, you’ll look at automation and infrastructure security with a focus on continuous security testing, infrastructure as code (IaC), protecting DevOps tools, and learning about the software supply chain.


By the end of this book, you’ll know how to apply application security, safe coding, and DevSecOps practices in your development pipeline to create robust security protocols.


What You Will Learn:


  • Find out how DevSecOps unifies security and DevOps, bridging a significant cybersecurity gap
  • Discover how CI/CD pipelines can incorporate security checks for automatic vulnerability detection
  • Understand why threat modeling is indispensable for early vulnerability identification and action
  • Explore chaos engineering tests to monitor how systems perform in chaotic security scenarios
  • Find out how SAST pre-checks code and how DAST finds live-app vulnerabilities during runtime
  • Perform real-time monitoring via observability and its criticality for security management


Who this book is for:


This book is for DevSecOps engineers and application security engineers. Developers, pentesters, and information security analysts will also find plenty of useful information in this book. Prior knowledge of the software development process and programming logic is beneficial, but not required.


About the Author

Vandana Verma Sehgal is a seasoned cybersecurity professional with over 17 years of experience, specializes in DevSecOps, and has a diverse background in Vulnerability management, SOC, Infrastructure, Application, and Cloud Security. She is a speaker and trainer, having presented at events like Global OWASP AppSec, BlackHat, and Grace Hopper. Vandana actively contributes to the cybersecurity community as a member of the OWASP Global Board of Directors, and Black Hat Asia Review Board and is deeply involved in diversity initiatives like InfosecGirls, WoSec, and null. She has earned numerous awards, including Cyber Security Woman of the Year 2020 and Application Security Influencer 2020 in India. Her passion for diversity and inclusion drives initiatives like InfosecGirls, WoSec, and InfosecKids, inspiring and empowering the next generation of security professionals.

Amazon page

打赏
未经允许不得转载:finelybook » Implementing DevSecOps Practices: Supercharge your software security with DevSecOps excellence

评论 抢沙发

觉得文章有用就打赏一下

您的打赏,我们将继续给力更多优质内容

支付宝扫一扫

微信扫一扫