Using the DevSecOps Maturity Model (dsomm.timo-pagel.de), designed by the speaker, different dimensions of security in DevOps are explained.
The content will be supported by hands-on tasks, which will be carried out exclusively using OpenSource tools.
- DevOps recap
- Threats to a build and deployment pipeline
- Measures to harden a build and deployment pipeline
- Docker security including patch management
- Automation of dynamic and static security tests
- Logging and monitoring in a DevOps world
- Optional: Continuous License Scanning
The OWASP DevSecOps Maturity Model with the following dimensions serves as orientation
Build and Deployment
Test and Verification
Information and IT Security Managers and DevOps Engineers.
- OWASP ZAP
- OWASP Dependency Check
Timo Pagel incorporates his knowledge from over 20 years in operations and development into his trainings. As a DevSecOps consultant, he not only advises at the strategic level but also lends a hand.