How to Build DevSecOps Pipeline as Code with Hasan Yasar

TestGuild Devops Toolchain Podcast

English - September 20, 2023 12:20 - 33 minutes - 36 MB - ★★★★★ - 3 ratings
How To Education Technology sre performancetesting performancetestingtools sitereliability Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed

Previous Episode: DevOps In Test with Rosalind Radcliffe

Next Episode: Achieving Observability Goals with BugSnag with Eran Grabiner and Justin Collier

Last week, I shared a session from a previous Automation Guild, but this week, I'd like to share a session from our previous SecureGuild. So here is a presentation by Hasan Yasar on How to build a DevSecOps Pipeline as Code!

You've heard the hype and read dozens of blog posts on DevSecOps. Finally, your organization has decided to make this cultural shift to take advantage of automation and the benefits of DevOps.

However, making this shift as an engineering team can often be cumbersome because many tech professionals still need to familiarize themselves with the technologies required to implement a complete DevOps pipeline, including security automation.

In this talk, Hasan will introduce Microcosm, a miniature, secure DevOps pipeline he developed at the SEI, available through infrastructure as code. Microcosm represents a miniature version of a secure DevOps pipeline compared to what you find in a large enterprise environment.

Listen up as Hassan goes over crucial principles of the DevSecOps pipeline and shares his lesson-learned examples with the Security community.