Building Security into the DevOps Life Cycle

Synopsys • June 29, 2020

The primary goal when breaking the build in the CI/CD DevOps life cycle is to treat security issues with the same level of importance as quality and business requirements. If quality or security tests fail, the continuous integration server breaks the build.

When the build breaks, the CI/CD pipeline also breaks. Based on the reason for the broken build, appropriate activities such as architecture risk analysis (ARA), threat modeling, or a manual code review are triggered.

This whitepaper provides actionable insight into:

Building security into your DevOps SDLC
Understanding the relationship between security and quality in the CI/CD pipeline
Coordinating various teams to ensure that the process is well defined, tools are properly configured, and developers are ready to resolve issues when the build break

Previous
KuppingerCole Executive View

Next
Application Security Buyers' Guide: Managing AppSec Risk Comprehensive Toolkit

You might also be interested in …

Unlocking Possibilities: Safeguarding Cyber Networks

Unlocking Possibilities: Safeguarding Cyber Networks

When One Door Opens: An Apple Wallet Badge Unlocks Many

When One Door Opens: An Apple Wallet Badge Unlocks Many

A CISO's Guide to Adversary Alignment

A CISO's Guide to Adversary Alignment

Free Cybersecurity Awareness Kit

Threat Intelligence: Data, People and Processes

Threat Intelligence: Data, People and Processes

2023 State of Threat Detection

The Ultimate Guide to Behavioral Analytics

The Ultimate Guide to Behavioral Analytics

Three Ways Endpoint Protection Delivers Enhanced Cyberdefense

Three Ways Endpoint Protection Delivers Enhanced Cyberdefense

DataOps & Multi-Cloud: Streamlining Data Management

►

DataOps & Multi-Cloud: Streamlining Data Management

Around the Network

Medical Device Cyberthreat Modeling: Top Considerations

Medical Device Cyberthreat Modeling: Top Considerations

Safeguarding Critical OT and IoT Gear Used in Healthcare

Safeguarding Critical OT and IoT Gear Used in Healthcare

Properly Vetting AI Before It's Deployed in Healthcare

Properly Vetting AI Before It's Deployed in Healthcare

Identity Security and How to Reduce Risk During M&A

Identity Security and How to Reduce Risk During M&A

Evolving Threats Facing Robotic and Other Medical Gear

Evolving Threats Facing Robotic and Other Medical Gear

Protecting Medical Devices Against Future Cyberthreats

Protecting Medical Devices Against Future Cyberthreats

Transforming a Cyber Program in the Aftermath of an Attack

Transforming a Cyber Program in the Aftermath of an Attack

How 'Security by Default' Boosts Health Sector Cybersecurity

How 'Security by Default' Boosts Health Sector Cybersecurity

Is It Generative AI's Fault, or Do We Blame Human Beings?

Is It Generative AI's Fault, or Do We Blame Human Beings?

How the NIST CSF 2.0 Can Help Healthcare Sector Firms

How the NIST CSF 2.0 Can Help Healthcare Sector Firms

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.