Make Your Code Safe With DevSecOps
The security of the systems that we create is often of enormous importance, but it is also often treated as a kind of afterthought. DevSecOps is meant to address this and find better ways to integrate security and security thinking into the development process. This is even more important as we adopt faster, more effective Continuous Delivery styles of working. If our aim is to create releasable software multiple times per day, and its security is part of what defines its releasability, then we need to be creating secure, releasable software multiple times per day. So what does that take? How does security fit into a Continuous Delivery world?
In this episode, Dave Farley explores how we can integrate security and security thinking into our working practices, offers some security tips for developers and describes what an effective approach to DevSecOps looks like.
_____________________________________________________
🔗 LINKS:
Specflow Gherkin Cheat Sheet ➡️ https://go.specflow.org/cd-gherkin-cheet-sheet
Snyk - DevSecOps Overview ➡️ https://snyk.io/series/devsecops/
DevSecOps and Supply Chain Security ➡️ https://www.brighttalk.com/webcast/14777/497425
DevSecOps and Supply Chain Security ➡️ https://www.techtarget.com/searcherp/definition/supply-chain-security
“Awesome DevSecOps” ➡️ https://github.com/TaptuIT/awesome-devsecops#dependency-management
_____________________________________________________
📚 BOOKS:
🚨 📖 Dave’s NEW BOOK "Modern Software Engineering" is now available here ➡️ https://amzn.to/3DwdwT3
In this book, Dave brings together his ideas and proven techniques to describe a durable, coherent and foundational approach to effective software development, for programmers, managers and technical leads, at all levels of experience.
📖 "Continuous Delivery Pipelines" by Dave Farley
paperback ➡️ https://amzn.to/3gIULlA
ebook version ➡️ https://leanpub.com/cd-pipelines
📖 The original, award-winning "Continuous Delivery" book by Dave Farley and Jez Humble ➡️ https://amzn.to/2WxRYmx
NOTE: If you click on one of the Amazon Affiliate links and buy the book, Continuous Delivery Ltd. will get a small fee for the recommendation with NO increase in cost to you.