Best Practices for securing CI/CD Pipelines or how to get Security right | Victoria Almazova

Speaker: Victoria Almazova (Microsoft) | https://devopsconference.de/speaker/v...

DevOps practices are in a place, containers are everywhere, pipelines are flying. We do Agile. We do DevOps. Now we should focus on following security practices for protecting the deployed resources, too. This is a reason why DevSecOps is not a hype anymore and is gaining more prominence. There is a lot of information about DevSecOps, but how to do it properly? Where to start? What are the best practices?

In this session, we will walk through an end-to-end scenario where we will deploy infrastructure components and solutions securely to the cloud. We will build a pipeline with security in mind to protect and detect potential security flaws during the build. We will focus on main the principles that you can apply to the most popular and used solutions and tools.
You will learn essential concepts:
- how to build an end-to-end CI/CD pipeline that builds the application and deploys infrastructure with security checks for the application, containers, and infrastructure;
- what security tools are available for CI/CD pipelines and the best way to implement them into different Git workflows;
- best practices and patterns of building security pipelines.

🤗 Join us at the next DevOpsCon: https://devopsconference.de/ | The Conference for Continuous Delivery, Microservices, Containers, Cloud & Lean Business
👉 Follow us on Twitter:   / devops_con  
👍 Like us on Facebook:   / devopscon