Skip to content

ilmila/DevSecOps-MaturityModel

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

111 Commits
assets
assets
 
 
data
data
 
 
js
js
 
 
locale
locale
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
RadarChart.js
RadarChart.js
 
 
bib.php
bib.php
 
 
data-yml.php
data-yml.php
 
 
data.csv
data.csv
 
 
data.php
data.php
 
 
detail.php
detail.php
 
 
graph.php
graph.php
 
 
head.php
head.php
 
 
index.php
index.php
 
 
information.php
information.php
 
 
messages.mo
messages.mo
 
 
messages.po
messages.po
 
 
navi.php
navi.php
 
 
print.css
print.css
 
 
report-samm.php
report-samm.php
 
 
report.php
report.php
 
 
script.js
script.js
 
 
scutter.php
scutter.php
 
 
selectedData.csv
selectedData.csv
 
 
spiderweb.css
spiderweb.css
 
 
spiderweb.php
spiderweb.php
 
 
spiderwebData.php
spiderwebData.php
 
 
startDocker.bash
startDocker.bash
 
 
usefulnessHardness.php
usefulnessHardness.php
 
 

Repository files navigation

From a startup to a multinational corporation the software development industry is currently dominated by agile frameworks and product teams and as part of it DevOps strategies. It has been observed that during the implementation, security aspects are usually neglected or are at least not sufficient taken account of. It is often the case that standard safety requirements of the production environment are not utilized or applied to the build pipeline in the continuous integration environment with containerization or concrete docker. Therefore, the docker registry is often not secured which might result in the theft of the entire company’s source code.

The DevSecOps Maturity Model, which is presented in the talk, shows security measures which are applied when using DevOps strategies and how these can be prioritized.

With the help of DevOps strategies security can also be enhanced. For example, each component such as application libraries and operating system libraries in docker images can be tested for known vulnerabilities.

Attackers are intelligent and creative, equipped with new technologies and purpose. Under the guidance of the forward-looking DevSecOps Maturity Model, appropriate principles and measures are at hand implemented which counteract the attacks.

About

No description, website, or topics provided.

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • JavaScript 87.7%
  • PHP 9.3%
  • CSS 2.9%
  • Other 0.1%