How do you build security and compliance into your DevOps platforms and pipelines? With this O’Reilly report, security analysts, security engineers, and pen testers will learn how to leverage the same processes and tools—such as version control, containers, and Continuous Delivery—that DevOps practitioners use to automate software delivery and infrastructure changes. In other words, you’ll understand how to use DevOps to secure DevOps.
Author Jim Bird uses case studies from Etsy, Netflix, and the London Multi-Asset Exchange (LMAX) to illustrate the steps leading organizations have taken to secure their DevOps processes. If you understand application and infrastructure security, and have some familiarity with DevOps and Agile development practices and tools, this report is the ideal place to start.
This report shows you how to:
Jim Bird, CTO of a major US-based institutional alternative trading system, has more than 20 years of experience in financial services technology, including Agile and DevOps environments. He is an expert in application security, and is actively involved in the OWASP community and with the SANS Institute.