Building Security into the DevOps Life Cycle
The primary goal when breaking the build in the CI/CD DevOps life cycle is to treat security issues with the same level of importance as quality and business requirements. If quality or security tests fail, the continuous integration server breaks the build.
When the build breaks, the CI/CD pipeline also breaks. Based on the reason for the broken build, appropriate activities such as architecture risk analysis (ARA), threat modeling, or a manual code review are triggered.
This whitepaper provides actionable insight into:
- Building security into your DevOps SDLC
- Understanding the relationship between security and quality in the CI/CD pipeline
- Coordinating various teams to ensure that the process is well defined, tools are properly configured, and developers are ready to resolve issues when the build breaks