DevOps and Continuous Delivery practices are attracting the attention of many organizations looking to increase the speed of their application delivery, yet doing so the wrong way can risk both quality and security. In this webinar, Forrester analysts Kurt Bittner and Rick Holland will share their insights on how DevOps and Security teams can work better together to meet these challenges, along with best practices for bringing greater security to product development and delivery.
8. The future is already here — it's just
not very evenly distributed.
William Gibson
9. Could you manually deploy an airbag?
What if a hacker deployed your airbag
when you are driving at highway speed?
Source: https://farm4.staticflickr.com/3570/3654967093_8181dff16c_o.jpg
43. 44
Ensure only
authorized
changes
Automate and control deployments
Provide standard,
secure
environments
Develop,
Commit &
Build
Detect
vulnerabilities
Eliminate the
“console”
Detect
intrusions
Feedback
New Capabilities
Idea
proposed
Understand
Needs &
Invent
Solutions
Functional
Testing
Deploy
Solution
Customer
Value
Load,
Performance,
Security, …
Testing
UAT/Explora
tory Testing
Make release decisions based on test data
Release
Decision
44. 45
Benefits of basing release decisions on test data
Increased Confidence Reduced Risk
Fewer Incidents
Simplified Release Decisions
46. 47
Add slides on ARA– what it is, how it works
http://h30499.www3.hp.com/t5/Grounded-in-the-Cloud/Transform-DevOps-with-
Application-Release-Automation/ba-p/5952497#.VTZ73c5Gceo
Benefits of Automating Deployment
Increase reliability
Eliminate manual errors
A typical quarterly release at one company consisted of a spreadsheet
of over 1000 changes that needed to be made to deploy the software.
A THOUSAND OPPORTUNITIES FOR SOMETHING TO GO WRONG.
Increase speed
Reduce cost
http://pixabay.com/p-156676/?no_redirect
Perimeter is dead, but not the perimeters we have built up between teams
Operations, Architecture, Development, Security
Security is all about perimeters so ours are the worst. Department of no
One practical way to break down is use same tools