quartz/content/Devops&DevSecOps/devsecops/DevSecOps Article.md
2023-12-04 15:03:59 +03:00

Design and Practice of Security Architecture via DevSecOps Technology DOI:10.1109/ICSESS54813.2022.9930212

!Screenshot from 2023-03-15 10-31-39.png

!Screenshot from 2023-03-15 10-31-59.png

DevSecOps architecture design is divided into 10 phases.

The DevSecOps architecture is designed to meet the evaluation systems of the internationally leading cloud native security 4C model (CNCF standard: cloud, cluster, container, code) and the security development life cycle (Microsoft standard). Across the two areas of R&D performance and security, security is introduced into every stage of the R&D process (DORA Level 5 standard: integrate security in the requirements, design, build, test, and deployment phases).

!Screenshot from 2023-03-15 10-41-07.png

Implementation of DevSecOps by Integrating Static and Dynamic Security Testing in CI/CD Pipelines DOI:10.1109/ICOSNIKOM56551.2022.10034883

https://github.com/lianahq/skinner ==> A Python script named Skinner that performs automated security testing with Burp Suite Pro in the GitLab CI pipeline, following the DevSecOps implementation procedure.

!Screenshot from 2023-03-15 13-01-09.png

Challenges About DevSecOps

!Screenshot from 2023-03-15 13-41-20.png

!Screenshot from 2023-03-15 14-49-53.png

!Screenshot from 2023-03-15 14-50-13.png

!Screenshot from 2023-03-15 14-52-15.png