Why Follow the SDLC?
To ensure reuqirements are met, while also minimizing risks
What is the SDLC?
The software development Life Cycle is a structured process for building quality software in a cost effective and time efficient way
What’s Agile?
Methodology of continuous development and testing iterations in the SDLC
What’s DevOps?
- Combination of software development and IT operations
- Ensures continous delivery of quality software
What is the DevOps Lifeycle?
Dev:
- Plan
- Code
- Build
- Test
Ops:
- Release
- Deploy
- Operate
- Monitor
Define the Plan Phase in DevOps
- Defining what your team will do in each iteration
- Focus on your shower
Define the Code Phase in DevOps
Creating Code Collaboratively
Define the Build Phase in DevOps
Converting source code into build artifacts
Define the Test Phase in DevOps
Continous testing to provide feedback on business risks
Define the Release Phase in DevOps
- Change Management
- Release Approvals
- Release Automation
Define the Deploy Phase in DevOps
Software is released into live production environment
Define Operate Phase in DevOps
Maintaining software stability, reliability, and availability to users
What is Continuous Feedback in DevOps?
- Creating solutions from a user point of view
What are the DevOps Core Pillars?
- Continous Integration (CI)
- Continous Delivery (CD)
- Continous Feedback
Agile vs DevOps?
- Agile is faster, focusing on iterations
- DevOps encorporates agile characteristics into the entire development pipeline
What is DevSecOps?
Security with DevOps integration
What is Sec in DevSecOps?
Introducing Security earlier in the software development cycle
What are the Benefits of DevSecOps?
- Catching software vulnerabilities early
- Reduce time to market
- Ensure regulatory compliance
- Building a security-aware culture
- Develop New Features Securely
What are the Advantages of DevSecOps?
- Reduced risk of data breaches
- Improved compliance
- Greater confidence in dependencies
- Value gets to end users faster
What are the Best Practices in DevSecOps?
- Create a DevSecOps culture
- Design security into the product
- Build a threat modeling practice
- Automate for speed and security
- Shift left (development security)
- Shift Right (post-development security)
- Use Automated Security Tools
- Promote Security Awareness
What is the DevSecOps Mindset?
Security is not an afterthought, its built into every stage of development
What are the Aspects of DevSecOps?
- Code Analysis
- Change management
- Compliance management
- Threat Modelling
- Security Training
Define the DevSecOps Culture?
- Automation alone will not solve problems
- Focus on collaboration and inclusive culture
- Encourage security mindset
What are the Stages of the DevSecOps Pipeline?
- Plan
- Code
- Build
- Test
- Release
- Deploy
- Operate and Monitor
