Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Learning DevOps

You're reading from   Learning DevOps A comprehensive guide to accelerating DevOps culture adoption with Terraform, Azure DevOps, Kubernetes, and Jenkins

Arrow left icon
Product type Paperback
Published in Mar 2022
Publisher Packt
ISBN-13 9781801818964
Length 560 pages
Edition 2nd Edition
Tools
Concepts
Arrow right icon
Author (1):
Arrow left icon
Mikael Krief Mikael Krief
Author Profile Icon Mikael Krief
Mikael Krief
Arrow right icon
View More author details
Toc

Table of Contents (25) Chapters Close

Preface 1. Section 1: DevOps and Infrastructure as Code
2. Chapter 1: The DevOps Culture and Infrastructure as Code Practices FREE CHAPTER 3. Chapter 2: Provisioning Cloud Infrastructure with Terraform 4. Chapter 3: Using Ansible for Configuring IaaS Infrastructure 5. Chapter 4: Optimizing Infrastructure Deployment with Packer 6. Chapter 5: Authoring the Development Environment with Vagrant 7. Section 2: DevOps CI/CD Pipeline
8. Chapter 6: Managing Your Source Code with Git 9. Chapter 7: Continuous Integration and Continuous Delivery 10. Chapter 8: Deploying Infrastructure as Code with CI/CD Pipelines 11. Section 3: Containerized Microservices with Docker and Kubernetes
12. Chapter 9: Containerizing Your Application with Docker 13. Chapter 10: Managing Containers Effectively with Kubernetes 14. Section 4: Testing Your Application
15. Chapter 11: Testing APIs with Postman 16. Chapter 12: Static Code Analysis with SonarQube 17. Chapter 13: Security and Performance Tests 18. Section 5: Taking DevOps Further/More on DevOps
19. Chapter 14: Security in the DevOps Process with DevSecOps 20. Chapter 15: Reducing Deployment Downtime 21. Chapter 16: DevOps for Open Source Projects 22. Chapter 17: DevOps Best Practices 23. Assessments 24. Other Books You May Enjoy

Shifting security left with DevSecOps

As we discussed in Chapter 14, Security in the DevOps Process with DevSecOps, security and compliance analyses must be part of DevOps processes. However, in companies, there is often a lack of awareness among development teams about security rules, and this is why security is implemented too late in DevOps processes.

To integrate security into processes, it is, therefore, necessary to raise awareness among developers of aspects of application code security, but also of the protection of CI/CD pipeline configuration.

In addition, it is also necessary to eliminate the barrier between DevOps and security by integrating security teams more often into the various meetings that bring together Dev and Ops teams, thus ensuring better consistency between developers, operational teams, and also security. Regarding the choice of tools, don't use too many different tools, because the goal is for these tools to also be used by developers and be...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime