Refer to the OWASP security projects, NIST, CSA, GDPR for updated security best practices. Try to install and apply the open source tools mentioned in the books.
Apply one security tool or practice at a time into the DevOps process.
To get the most out of this book
Download the color images
We also provide a PDF file that has color images of the screenshots/diagrams used in this book. You can download it here: https://www.packtpub.com/sites/default/files/downloads/HandsOnSecurityinDevOps_ColorImages.
Conventions used
There are a number of text conventions used throughout this book.
CodeInText: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: "Being able to establish the application resource (TimeSheet.xls) in a security relationship is a unique authorization model in OACC."
Bold: Indicates a new term, an important word, or words that you see onscreen.
Warnings or important notes appear like this.
Tips and tricks appear like this.
