A Definition of Done for DevSecOps

[presentation]

Gene Gotimer

DevOps West 2018

Agile Dev West 2018

Better Software West 2018

Summary:

[video:https://youtu.be/oQE8ysEvzaQ width:300 height:200 align:right]

DevOps needs to consider many different aspects of software quality to deliver reliable software continuously. The term DevSecOps was developed to highlight that security is a key component of quality and cannot be ignored during continuous delivery. Join Gene Gotimer as he discusses how to determine a definition of done that includes security for DevOps pipelines. He'll discuss how continuous integration can invoke static analysis tools to test for security errors and check for software vulnerabilities. You'll learn how automated deployments and virtualization make dynamic environments available for testing in a production-like setting, and explore approaches to leverage existing regression tests to test for security as a side effect. Gene will reveal how a DevOps pipeline can be designed with security in mind. You will leave this presentation with an understanding of how to construct a definition of done that includes security and how to choose security testing practices that assure you are doing DevSecOps properly.

File:

Tags:

About the Presenter

Gene Gotimer is a proven senior software architect with many years of experience in web-based enterprise application design, most recently using Java. He is skilled in agile software development as well as legacy development methodologies and designing and developing secure, high-quality software. He has extensive experience establishing and using development ecosystems including continuous integration, continuous delivery, DevOps, unit testing, and a variety of software assurance tools and supporting processes. Gene feels strongly that repeatability, quality, and security are all strongly intertwined; each of them is dependent on the other two, which just makes agile and DevOps that much more crucial to software development.

Upcoming Events

Apr 28	STAREAST Software Testing Conference in Orlando & Online
Jun 02	AI Con USA Bridging Minds and Machines
Sep 22	STARWEST Software Testing Conference in Anaheim & Online
Oct 13	Agile + DevOps USA The Conference for Agile and DevOps Professionals

Recommended Web Seminars

May 09	Beyond Compliance: Ensuring Accessibility with Innovative Testing Strategies
May 16	Test Ahead of the Curve: Insights for Developing a Superior Test Coverage
May 23	How Generative AI Boosts Speed and Quality in Software Testing
On Demand	Building Confidence in Your Automation
On Demand	Leveraging Open Source Tools for DevSecOps

See All

Featured Resources

Introducing DevOps into Your Project eGuide | TechWell

Introduction to Containers eGuide | TechWell

Scrum Master Essentials eGuide | TechWell

The Total Economic Impact of Keysight Eggplant Test Automation Software | Keysight

Build vs. Buy: The Hidden Costs of In-House Software Test Automation | Keysight

Visit Our Other Communities

Bringing you today’s best agile ideas and thought-leaders with how-to advice on the latest agile development & methodology practices.

Where configuration management and development professionals go for answers on SCM, ALM, change management, DevOps, tools and more.