| People | Local Reqs | Source Code | Integration | Deployment | Runtime | Hardware | DNS | Services | Cloud |
|---|---|---|---|---|---|---|---|---|---|
| Developers | IDE | Languages | SCM providers | Build solutions | Servers | Embedded PC | URL | SaaS solutions | CDN |
| QA team | SCV | Frameworks | Pull requests | Deployment platforms | Operating systems | PCB | hostname | Third party APIs | Cloud services |
| DevOps team | Local tests | Libraries | Secrets mgmt | Releases | Webservers | USB dongle | Payment gateways | ||
| Package Maintainers | Git repos | Package Managers | Git repos | Functional tests | Application servers | GPU/CPU | Identity Providers | ||
| Page Builders | Packages | Security tests | Web engines | Analytics | |||||
| Open source | API test frameworks | Databases | Proxies | ||||||
| Proprietary Code | Unit tests | ||||||||
| People | Local Reqs | Source Code | Integration | Deployment | Runtime | Hardware | DNS | Services | Cloud |
Continuous delivery is an extension of continuous integration that automatically deploys all code changes to a testing and/or production environment after the build stage. This means that in addition to automated testing, you have an automated release process, and can deploy your application at any time by clicking a button.
- Build servers
- Deployment platforms
- Security tests
- Functional tests
Bamboo, Selenium, Semgrep, SecureStack
- CloudOps team
- DevOps team
- Are disposable build environments secure?
- Are components being used during CI/CD known good?
- Security scans are automated as part of the deployment process
- Dynamic application security testing
- Static analysis security testing