Dependencies, abstraction layers and the composition of technologies bring convenience on the developer side and get our production pipeline up to speed. But at the same time, this is a Pandora's box in terms of security. How can you close this gap and eliminate the weaknesses? I'll show you how to start with free tools to protect your stack against known security vulnerabilities, how to increase productivity while working fast, efficiently and comfortably, and why quality based on excellent test coverage will be your safety belt.
What we will cover:
The evolution from "Dev and Ops" via "DevOps" to "DevSecOps."
Benefits and risks that come with the use of open source
How to aggregate various industry-relevant dependency management systems
How to integrate results in third-party audit systems using webhooks and REST API
Dynamic workflows and automated quarantine processes using webhooks and REST API
A simple mapping of company guidelines using rules, policies and watches through to the new vulnerability reports
Protection against changes in the environment as just happened with DockerHub