Episode 24: Putting The Sec Into DevOps

Episode 24 August 19, 2020 00:37:14
Episode 24: Putting The Sec Into DevOps
SilverLining IL
Episode 24: Putting The Sec Into DevOps

Aug 19 2020 | 00:37:14

/

Hosted By

Moshe Ferber Ariel Munafo

Show Notes

Attendees

Guest: Dima Revelis

Guest title: Senior Devops engineer

Company: MoonActive

Abstract

DevsecOps is accelerating fast as the new buzzword for modern information security practices. In this episode we use the expertise of Dima Revelis in order to dive deep into understanding DevOps practices, what is CI/ CD pipeline and which security tools are relevant for all of those new practices.

Timing:

0:00 - Introducing our guest

2:50 - What is devops

7:50 - What is deployment pipeline

14:20 - What is CI and which security testing can be implemented

17:20 - What is CD and which security consideration 

18:40 - Dive deeper into security testing - QA, code review, static & dynamic   analysis

20:45 - So much automation, do we still need manual testing? 

22:30 - Additional security aspects: using Jenkins, authentication and authorization, secret management

26:40 - Availability considerations and disaster recovery

33:30 - Summary and final words

Other Episodes

Episode 42

October 06, 2021 00:19:48
Episode Cover

SilverLining Episode 42: How to mature devsecops operations

Guest: Hemi Gur-Ary  Guest Title: Co-Founder & CEO at VATA Abstract:  Various organizations around the world are struggling to build & mature their devsecops...

Listen

Episode 1

November 04, 2018 00:37:41
Episode Cover

Episode 1: Security Challenges With The Growing World Of Serverless Functions

Attendees Guest: Ory Segal, Puresec Guest title:  CTO & Co-Founder at PureSec Company:  Puresec is the global leader in serverless architectures security.   Serverless functions...

Listen

Episode 53

August 25, 2022 00:30:56
Episode Cover

SilverLining Episode 53: Automating Infrastructure Pipelines

Guest: Rob Hirschfeld  Guest Title: CEO & Co-Founder at RackN Topic: Automating Infrastructure Pipelines Language: English   Abstract In modern applications, Infrastructure automation is an...

Listen