DevSecOps Best Practices and Considerations

Post on 17-Feb-2022

6 views 0 download

Preview:

Click to see full reader
Report this document
SHARE

transcript

DevSecOps Best Practices and Considerations

Applied Resilience for Mission SystemsDarby Mitchell

DevSecOps Methods1

This conceptual model serves as a guide for which methods and practices to consider when applying DevSecOps methodology to software-intensive DoD systems. Successfully employing these methods requires a commitment to embrace modern software development culture and philosophy.

Attempting to apply these methods in the absence of such a change in culture is unlikely to succeed. It is also important to tailor these practices to the specific program needs, as not all practices are equally appropriate for all programs. However, we believe that all programs could benefit from using this

framework to reason about their employment of DevSecOps methodology. 1 Informed by DoD DevSecOps Initiative: http://dccscr.dsop.io

For more information contact: ARMS@LL.MIT.EDU

DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited. This material is based upon work supported by the United States Air Force under Air Force Contract No. FA8702-15-D-0001. Any opinions, findings, conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the United States Air Force.

Development Continuous Integration Provision Deployment

InfrastructureAutomation

Deployment Orchestration

Interface Validation

Continuous Monitoring

OperationsValidation

Release Packaging

Base Image Provenance

Automated Build

Automated Unit Testing

Static Analysis

Integration Testing

Code Quality Metrics

Version Control

Coding Standards

Dependency Analysis

Observability

Test-Driven Design

Instance Provisioning

Compliance/ Accreditation

Chaos Engineering

Credential Management

Peer Review

Dynamic Analysis

Canary Deployments

Rolling Updates

Instant Rollback

Practice Recovery

Vulnerability Scanning

Deployment Validation

Planning

Customer Involvement

Issue Tracking

Release Planning

Sprint Planning

Small Releases

Threat Modeling

Sustainable Velocity

Upstream Feedback

Promotional Model

Architecture-First Approach

Top related

How Security Best Practices Enable DevOpsData ......How Security Best Practices Enable DevOpsData Transformation -DevSecOps 2019 QSC India Conference Deepak NaikI Vice President |
Documents
RTI: Reasons, Practices, Systems, & Considerations
Documents
DevSecOps - The big picture
Technology
DevSecOps PRACTICES FOR AN AGILE AND SECURE IT SERVICE ... · DevSecOps practices for an agile and secure it service management. Journal of Management Information and Decision Sciences,
Documents
Technical Considerations and Best Practices in Imagery …wvgis.wvu.edu/conference/2014/Wed_Track3/WVAGP_Sanborn_Imager… · Technical Considerations and Best Practices in Imagery
Documents
DevSecOps Fundamentals
Documents
Does DevSecOps really exist?
Software
Religious Practices and Considerations for Cancer ...
Documents
DevSecOps PLAYBOOK - Cprime
Documents
Cloud DevSecOps and compliance considerations leveraging ...aws-de-media.s3.amazonaws.com/images/AWS_Summit... · © 2018, Amazon Web Services, Inc. or its affiliates. All rights
Documents
DevSecOps in 10 minutes
Software
Wind Farm Construction Practices and Considerations
Documents
DevSecOps Overview - NYS Forum Home · 11/14/2018  · DevSecOps Overview November 14, 2018 ... 3 Benefits of DevSecOps 4 How to Implement DevSecOps 5 Summary / Questions. Security
Documents
DevSecOps Insights - Snyk
Documents
Board Succession Planning Considerations & Best Practices
Documents
DevSecOps Fundamentals Playbook
Documents
CSA - DevSecOps v1 compressed//aws.amazon.com/blogs/devops/implementing-devsecops-using-aws-codepipeline/ CodePipeline security group ... CSA - DevSecOps v1 compressed Created Date:
Documents
Regulatory Considerations and Management Practices for the ...ilsirf.org/wp-content/uploads/sites/5/2016/06/P.PaesdeAndrade.pdf · Regulatory Considerations and Management Practices
Documents
Considerations for Transmission Reclosing Practices
Documents
Plenary Session Strategic Considerations and Best Practices.
Documents

Copyright © 2018 DOCUMENTS