0% found this document useful (0 votes)

115 views3 pages

Presentation 1

Developers collaborate with IT operations and information security teams to harden artifacts like container images and virtual machine images. Security is integrated into the development process through threat modeling, code reviews, and scans for security issues. Artifacts must pass security criteria to promote through environments like development, QA, staging, and production, and monitoring continues to detect security drift.

Uploaded by

abishekvs

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PPTX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

115 views3 pages

Presentation 1

Uploaded by

abishekvs

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PPTX, PDF, TXT or read online on Scribd

You are on page 1/ 3

Security Hardening of Artifacts

App

Infra
Facilitates
Security
Info Sec Vulnerability of Patching Artifacts Defect Tracking System
Container Images, VM Artifacts
Collaborates

IT Ops

Reviews and Contributes

to Infra Code Promote to QA
Dev Environment
with security as acceptance criterion
Threat Modelling
Peer Code Review QA Environment
Pulls &
Code Commits
Builds
Promote to Staging
Developer Staging Environment with security as acceptance criterion
Software Component Analysis
Change to Infra / Code Incremental SAST
Security Unit/Function Test
Alert on high-risk code change
Compile build Checks
Prod Environment Baseline security assessment

Monitor Drift from Baseline Security

Smoke Test/Monkeys
DAST Scans Monitoring/Continuous
Code Scan for Security Issues
Deep SAST Scans vulnerability scans
Current on known patches and vulnerabilities ? Automated Security Attacks Red Teaming
Fuzzing Bug Bounties
Pen Testing (Out of Band)
App
Security Hardening of Artifacts
Infra
Facilitates
Security
Info Sec Vulnerability of Patching Artifacts
Defect Tracking System
Container Images, VM Artifacts
Collaborates

IT Ops

Reviews and Contributes

Monitor Drift from Baseline Security

Smoke Test/Monkeys
DAST Scans Monitoring/Continuous
Code Scan for Security Issues
Deep SAST Scans vulnerability scans
Current on known patches and vulnerabilities Automated Security Attacks Red Teaming
Fuzzing Bug Bounties
Pen Testing (Out of Band)

Suse 12 To 15 Upgrade
No ratings yet
Suse 12 To 15 Upgrade
6 pages
SIIM Live Learning Center (Curriculum Module (Exam) )
No ratings yet
SIIM Live Learning Center (Curriculum Module (Exam) )
11 pages
Red Teaming Frameworks and Methodologies
No ratings yet
Red Teaming Frameworks and Methodologies
1 page
RSA BattleCard
No ratings yet
RSA BattleCard
6 pages
Work It Daily - Resume Template
No ratings yet
Work It Daily - Resume Template
2 pages
Ems E3
No ratings yet
Ems E3
1 page
Passing Unix Linux Audit With Power Broker
100% (2)
Passing Unix Linux Audit With Power Broker
11 pages
TDWI Checklist Report Six Capabilities To Eliminate Data Chaos SAP Loshin Russom Web PDF
No ratings yet
TDWI Checklist Report Six Capabilities To Eliminate Data Chaos SAP Loshin Russom Web PDF
12 pages
Automated Methods For Generating Least Privilege Access Control Policies - Principle of Least Privilege (PoLP)
No ratings yet
Automated Methods For Generating Least Privilege Access Control Policies - Principle of Least Privilege (PoLP)
117 pages
NetPro Template Sent
100% (1)
NetPro Template Sent
186 pages
Octave PDF
No ratings yet
Octave PDF
51 pages
CISO Proposal 23dec2015
No ratings yet
CISO Proposal 23dec2015
7 pages
Tripwire CCM Policies and Platform Support 2015Q4 Datasheet
100% (1)
Tripwire CCM Policies and Platform Support 2015Q4 Datasheet
12 pages
Salesforce Community Managers Guide
No ratings yet
Salesforce Community Managers Guide
83 pages
Soc Handbook
No ratings yet
Soc Handbook
16 pages
Thrive Pitch Deck With MSSP PDF
No ratings yet
Thrive Pitch Deck With MSSP PDF
11 pages
Cyber Security Training Cum Certification Program
No ratings yet
Cyber Security Training Cum Certification Program
6 pages
PIFSS IT Quality Assurance Office: Public Institution For Social Security
No ratings yet
PIFSS IT Quality Assurance Office: Public Institution For Social Security
7 pages
Charles CS Analyst
No ratings yet
Charles CS Analyst
3 pages
Best Practices Guide For IT Governance & Compliance
No ratings yet
Best Practices Guide For IT Governance & Compliance
14 pages
HIPAA Compliance Checklist
No ratings yet
HIPAA Compliance Checklist
3 pages
Ransomware Defense BDA
No ratings yet
Ransomware Defense BDA
55 pages
Authorizations Under HIPAA : C:/my Documents/authorizations
No ratings yet
Authorizations Under HIPAA : C:/my Documents/authorizations
6 pages
Cyber Security
No ratings yet
Cyber Security
4 pages
Summary of The HIPAA Security Rule
No ratings yet
Summary of The HIPAA Security Rule
7 pages
Cyber Security
100% (1)
Cyber Security
38 pages
IT Infrastructure Project Management in Atlanta GA Resume Deborah Thornton
No ratings yet
IT Infrastructure Project Management in Atlanta GA Resume Deborah Thornton
2 pages
Control Control Requirements: Statement of Applicability
No ratings yet
Control Control Requirements: Statement of Applicability
3 pages
Vdocument - in - Iot Penetration Test Report Iot Penetration Test Report Momentum Axel 720p
No ratings yet
Vdocument - in - Iot Penetration Test Report Iot Penetration Test Report Momentum Axel 720p
15 pages
Technical Writer Content Strategist in San Francisco Bay CA Resume Catherine Lush
No ratings yet
Technical Writer Content Strategist in San Francisco Bay CA Resume Catherine Lush
2 pages
Agile Infrastructure Management With: Digital Security
No ratings yet
Agile Infrastructure Management With: Digital Security
11 pages
Road Map Governance v0.1
No ratings yet
Road Map Governance v0.1
2 pages
Proposal for Preliminary Gap Assessment and Compliance Audit as Per IRDAI Information and Cyber Security Guidelines
No ratings yet
Proposal for Preliminary Gap Assessment and Compliance Audit as Per IRDAI Information and Cyber Security Guidelines
23 pages
VERITY Brochure
No ratings yet
VERITY Brochure
6 pages
Audit Program For VMWare, and Netapp Controls in XYZ Co-Location Data Center
No ratings yet
Audit Program For VMWare, and Netapp Controls in XYZ Co-Location Data Center
9 pages
Antivirus Software in Comparison
100% (1)
Antivirus Software in Comparison
12 pages
NSE Quiz 1
No ratings yet
NSE Quiz 1
5 pages
CO Product-Security-Infographic CS EN
No ratings yet
CO Product-Security-Infographic CS EN
1 page
SDLC Phase 08 Implementation Phase Multiple Hardware
No ratings yet
SDLC Phase 08 Implementation Phase Multiple Hardware
12 pages
Framework Summary Overview
No ratings yet
Framework Summary Overview
8 pages
Varonis Data Risk Assessment: Sample Report: Acme
No ratings yet
Varonis Data Risk Assessment: Sample Report: Acme
12 pages
Project Proposal Template
No ratings yet
Project Proposal Template
4 pages
Cyber Security Vendor Landscape
100% (1)
Cyber Security Vendor Landscape
4 pages
Architecting For HIPAA Security and Compliance On Amazon Web Services
No ratings yet
Architecting For HIPAA Security and Compliance On Amazon Web Services
56 pages
Zero Trust Guidance For Critical Infrastructure - OT - ICS - Presentation
No ratings yet
Zero Trust Guidance For Critical Infrastructure - OT - ICS - Presentation
24 pages
Technical Communicator Instructional Designer in Phoenix AZ Resume Debra Gabriel
No ratings yet
Technical Communicator Instructional Designer in Phoenix AZ Resume Debra Gabriel
3 pages
HIPAA Security101 For Covered Entities
No ratings yet
HIPAA Security101 For Covered Entities
11 pages
Biennial Information Security Plan Template For Non-SPECTRIM Organizations
No ratings yet
Biennial Information Security Plan Template For Non-SPECTRIM Organizations
130 pages
CAIQ Lite
No ratings yet
CAIQ Lite
12 pages
An Evaluation Framework for Cybersecurity Maturity Aligned with the NIST CSF
No ratings yet
An Evaluation Framework for Cybersecurity Maturity Aligned with the NIST CSF
20 pages
certMILS D2.3 Security Architecture Template PU M16
No ratings yet
certMILS D2.3 Security Architecture Template PU M16
24 pages
In Ra CSCRF For Sebi Regulated Entities Deloitte India 20.09 Noexp
No ratings yet
In Ra CSCRF For Sebi Regulated Entities Deloitte India 20.09 Noexp
9 pages
TRA Checklist
No ratings yet
TRA Checklist
20 pages
Hipaa Compliance Management Program (HCMP) : Infosight'S HCMP Includes
No ratings yet
Hipaa Compliance Management Program (HCMP) : Infosight'S HCMP Includes
2 pages
15 COBIT5-FAQs
No ratings yet
15 COBIT5-FAQs
4 pages
The Forrester Wave™ - Security Awareness and Training Solutions, Q1 2020
No ratings yet
The Forrester Wave™ - Security Awareness and Training Solutions, Q1 2020
16 pages
Presentation 5
No ratings yet
Presentation 5
12 pages
NCCoE UMD Pitch
No ratings yet
NCCoE UMD Pitch
16 pages
Shrivastava DevSecOps What Why and How
No ratings yet
Shrivastava DevSecOps What Why and How
50 pages
Security Tools used in DevOps
No ratings yet
Security Tools used in DevOps
4 pages
Advanced_Task3_Web_Application_Security
No ratings yet
Advanced_Task3_Web_Application_Security
15 pages
Advanced Dev Se Cops Questions Recall Notes
No ratings yet
Advanced Dev Se Cops Questions Recall Notes
35 pages
Learn-Keyboard .Co - Uk: Learn How To Play Electronic Keyboard or Piano
No ratings yet
Learn-Keyboard .Co - Uk: Learn How To Play Electronic Keyboard or Piano
13 pages
Full Version Is HERE
No ratings yet
Full Version Is HERE
4 pages
DevOps Notes
No ratings yet
DevOps Notes
2 pages
Request For Contract Change / Project Request
No ratings yet
Request For Contract Change / Project Request
10 pages
Letter of Recommendation
No ratings yet
Letter of Recommendation
1 page
Oracle GoldenGate Notes
No ratings yet
Oracle GoldenGate Notes
9 pages
Gridsetup With Patch
No ratings yet
Gridsetup With Patch
5 pages
CR Q GB 0000582333
No ratings yet
CR Q GB 0000582333
42 pages
2016 Security Awareness (EN) Abishek Vidyashanker: Date / Time Student Score Passing Score Result
No ratings yet
2016 Security Awareness (EN) Abishek Vidyashanker: Date / Time Student Score Passing Score Result
1 page
Demonstrating Value With BMC Server Automation (Bladelogic)
No ratings yet
Demonstrating Value With BMC Server Automation (Bladelogic)
56 pages
Effective Awk Programming Third Edition
No ratings yet
Effective Awk Programming Third Edition
448 pages
Change Management and Control Policy V3.0
No ratings yet
Change Management and Control Policy V3.0
8 pages
Sample Soil Report
No ratings yet
Sample Soil Report
64 pages
HRM Exam
No ratings yet
HRM Exam
10 pages
The Fashion Channel: Case Questions
No ratings yet
The Fashion Channel: Case Questions
8 pages
VCP DCV Vsphere 7 Community Study Guide
100% (1)
VCP DCV Vsphere 7 Community Study Guide
329 pages
The Pilgrim Kamanita by Karl Gjellerup
No ratings yet
The Pilgrim Kamanita by Karl Gjellerup
213 pages
ArchiSource Catalog 2019 PDF
100% (1)
ArchiSource Catalog 2019 PDF
433 pages
SSP 297 Touareg
100% (1)
SSP 297 Touareg
56 pages
Eva & Roi
No ratings yet
Eva & Roi
3 pages
Project
No ratings yet
Project
22 pages
Python Cheat Sheet
No ratings yet
Python Cheat Sheet
30 pages
BCO Past Paper Attempt Timed
No ratings yet
BCO Past Paper Attempt Timed
11 pages
Junction Diode
No ratings yet
Junction Diode
12 pages
Class 10 AI Half Yearly
No ratings yet
Class 10 AI Half Yearly
1 page
697-01
No ratings yet
697-01
21 pages
Ste - Unit3 - Presentation Updated
No ratings yet
Ste - Unit3 - Presentation Updated
31 pages
Chapter 7
No ratings yet
Chapter 7
18 pages
2935 0254 20_Equalizer_4
No ratings yet
2935 0254 20_Equalizer_4
3 pages
Berries in Dermatology
No ratings yet
Berries in Dermatology
2 pages
Mastering Organizational Behavior 14th Edition Cooper Test Bank
100% (41)
Mastering Organizational Behavior 14th Edition Cooper Test Bank
23 pages
NCERT Class XII Political Science II: Chapter 4 - India's External Relations
No ratings yet
NCERT Class XII Political Science II: Chapter 4 - India's External Relations
18 pages
DSP-UNIT-5 Objective
No ratings yet
DSP-UNIT-5 Objective
5 pages
Zodiac Milpro - SRR 420
No ratings yet
Zodiac Milpro - SRR 420
2 pages
Anticholinergic
No ratings yet
Anticholinergic
6 pages
Mca C104
No ratings yet
Mca C104
3 pages
Catálogo Maxpedition 2014 - FoxBravo
No ratings yet
Catálogo Maxpedition 2014 - FoxBravo
76 pages
Max 16841 Ev Kit
No ratings yet
Max 16841 Ev Kit
16 pages
Nippon Piston Ring Co.,Ltd.: Fit for SUZUKI ／スズキ Fit for SUZUKI ／スズキ
No ratings yet
Nippon Piston Ring Co.,Ltd.: Fit for SUZUKI ／スズキ Fit for SUZUKI ／スズキ
3 pages
Last Call at The Nightshade Lounge Excerpt
0% (1)
Last Call at The Nightshade Lounge Excerpt
19 pages

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.

Presentation 1

Uploaded by

Presentation 1

Uploaded by

Security Hardening of Artifacts

Reviews and Contributes

Monitor Drift from Baseline Security

Reviews and Contributes

Monitor Drift from Baseline Security

You might also like

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.