Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases now! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Enterprise DevOps for Architects

You're reading from   Enterprise DevOps for Architects Leverage AIOps and DevSecOps for secure digital transformation

Arrow left icon
Product type Paperback
Published in Nov 2021
Publisher Packt
ISBN-13 9781801812153
Length 288 pages
Edition 1st Edition
Languages
Tools
Concepts
Arrow right icon
Authors (2):
Arrow left icon
Jeroen Mulder Jeroen Mulder
Author Profile Icon Jeroen Mulder
Jeroen Mulder
Jeroen Mulder Jeroen Mulder
Author Profile Icon Jeroen Mulder
Jeroen Mulder
Arrow right icon
View More author details
Toc

Table of Contents (21) Chapters Close

Preface 1. Section 1: Architecting DevOps for Enterprises
2. Chapter 1: Defining the Reference Architecture for Enterprise DevOps FREE CHAPTER 3. Chapter 2: Managing DevOps from Architecture 4. Chapter 3: Architecting for DevOps Quality 5. Chapter 4: Scaling DevOps 6. Chapter 5: Architecting Next-Level DevOps with SRE 7. Section 2: Creating the Shift Left with AIOps
8. Chapter 6: Defining Operations in Architecture 9. Chapter 7: Understanding the Impact of AI on DevOps 10. Chapter 8: Architecting AIOps 11. Chapter 9: Integrating AIOps in DevOps 12. Chapter 10: Making the Final Step to NoOps 13. Section 3: Bridging Security with DevSecOps
14. Chapter 11: Understanding Security in DevOps 15. Chapter 12: Architecting for DevSecOps 16. Chapter 13: Working with DevSecOps Using Industry Security Frameworks 17. Chapter 14: Integrating DevSecOps with DevOps 18. Chapter 15: Implementing Zero Trust Architecture 19. Assessments 20. Other Books You May Enjoy

Applying frameworks to DevSecOps

In this section, we will learn how to include the controls of frameworks in DevOps and embed them as DevSecOps. Good news: it's not as hard as it may sound. The following diagram shows this process:

Figure 13.3 – Process of applying controls from security frameworks to DevOps

In general, we start by assessing the framework that the enterprise needs to apply to their IT environments. From that assessment, the different controls are derived and set to the development and deployment cycles of applications and infrastructure. As soon as code is pulled from the repositories, scanning starts against these controls.

We are using the CIS benchmark as an example here since CIS is the most used framework for setting security controls. Applying controls starts with the realization that in DevOps, the IT environments are highly dynamic by default. Everything, including the infrastructure, is turned into code, so applications...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime