Learning DevSecOps: Integrating Continuous Security Across Your Organization

Learn how to implement continuous security throughout your entire  software development and delivery pipeline. With this hands-on book,  developers, SREs, tech leads, and security engineers will learn how to  combine their security process with their DevOps culture. You'll gain a  thorough understanding of the best DevSecOps practices, from the  construction of safer container images to the hardening of orchestrators  to the methods for securing your cloud environment. Michelle Ribeiro,  CEO of SPIRITSEC, shows you how to introduce security into DevOps  culture, methodologies, and tools. You'll learn how to take advantage of  contrasting security and DevOps cultures to build an effective  DevSecOps program. You'll also explore the four Cs of the cloud native  security model--code, container, cloud, and cluster security--by  following coded examples. Get a review of the current threat environment  to learn why security is becoming part of the DevOps movement Build an  effective DevSecOps program by bridging the gap between the InfoSec and  DevOps cultures Integrate security into the rapid-release cycles typical  of modern software application development and delivery Secure your  code, containers, clusters, and the cloud Avoid common DevSecOps  mistakes by looking at case studies from Netflix, Facebook, and HSBC.