Search icon Close icon
Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Checkout

Change country

Modal Close icon
Country selected Country selected
country flag United States
Country selected
country flag Great Britain
Country selected
country flag India
Country selected
country flag Germany
Country selected
country flag France
Country selected
country flag Canada
Country selected
country flag Russia
Country selected
country flag Spain
Country selected
country flag Brazil
Country selected
country flag Australia
Country selected
country flag South Africa
Country selected
country flag Thailand
Country selected
country flag Ukraine
Country selected
country flag Switzerland
Country selected
country flag Slovakia
Country selected
country flag Luxembourg
Country selected
country flag Hungary
Country selected
country flag Romania
Country selected
country flag Denmark
Country selected
country flag Ireland
Country selected
country flag Estonia
Country selected
country flag Belgium
Country selected
country flag Italy
Country selected
country flag Finland
Country selected
country flag Cyprus
Country selected
country flag Lithuania
Country selected
country flag Latvia
Country selected
country flag Malta
Country selected
country flag Netherlands
Country selected
country flag Portugal
Country selected
country flag Slovenia
Country selected
country flag Sweden
Country selected
country flag Argentina
Country selected
country flag Colombia
Country selected
country flag Ecuador
Country selected
country flag Indonesia
Country selected
country flag Mexico
Country selected
country flag New Zealand
Country selected
country flag Norway
Country selected
country flag South Korea
Country selected
country flag Taiwan
Country selected
country flag Turkey
Country selected
country flag Czechia
Country selected
country flag Austria
Country selected
country flag Greece
Country selected
country flag Isle of Man
Country selected
country flag Bulgaria
Country selected
country flag Japan
Country selected
country flag Philippines
Country selected
country flag Poland
Country selected
country flag Singapore
Country selected
country flag Egypt
Country selected
country flag Chile
Country selected
country flag Malaysia
Country selected
Arrow left icon
All Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletter Hub
Free Learning
Arrow right icon
timer SALE ENDS IN
0 Days
:
00 Hours
:
00 Minutes
:
00 Seconds
Arrow up icon
GO TO TOP
Hands-On Security in DevOps

You're reading from   Hands-On Security in DevOps Ensure continuous security, deployment, and delivery with DevSecOps

Arrow left icon
Product type Paperback
Published in Jul 2018
Publisher
ISBN-13 9781788995504
Length 356 pages
Edition 1st Edition
Concepts
Arrow right icon
Author (1):
Arrow left icon
Hsu Hsu
Author Profile Icon Hsu
Hsu
LinkedIn
Tony Hsiang-Chih Hsu is a senior security architect, software development manager, and project manager with more than 20 years' experience in security services technology. He has extensive experience of the Secure Software Development Lifecycle (SSDLC) in relation to activities including secure architecture/design review, secure code review, threat modeling, automated security testing, and cloud service inspection. He is also an in-house SDL trainer, having offered hands-on courses totaling in more than 300 hours. He is also the author of Hands-on Security in DevOps, and a co-author of several Open Web Application Security Project (OWASP) projects, including the OWASP testing guide, a proactive control guide, deserialization, cryptographic, and the XXE prevention cheatsheet.
Read more
See other products by Hsu
Arrow right icon
View More author details
Toc

Table of Contents (28) Chapters Close

Title Page
Copyright and Credits
Packt Upsell
Contributors
Preface
1. DevSecOps Drivers and Challenges FREE CHAPTER 2. Security Goals and Metrics 3. Security Assurance Program and Organization 4. Security Requirements and Compliance 5. Case Study - Security Assurance Program 6. Security Architecture and Design Principles 7. Threat Modeling Practices and Secure Design 8. Secure Coding Best Practices 9. Case Study - Security and Privacy by Design 10. Security-Testing Plan and Practices 11. Whitebox Testing Tips 12. Security Testing Toolkits 13. Security Automation with the CI Pipeline 14. Incident Response 15. Security Monitoring 16. Security Assessment for New Releases 17. Threat Inspection and Intelligence 18. Business Fraud and Service Abuses 19. GDPR Compliance Case Study 20. DevSecOps - Challenges, Tips, and FAQs 1. Assessments 2. Other Books You May Enjoy Index

Operation goal/metrics

Based on the SAMM, operational goals can be categorized into three functions: are issue management, environmental hardening, and operational enablement. Let's discuss some of the best practices in each function.

Issue management

Issue management here means how security incidents, vulnerability issues, or security breaches are handled. There should be a vulnerability process in place that involves both the DevOps and Dev team.

In an organization-level security assurance program, it's a must to define security incident and vulnerability response processes and also root cause analysis templates. NIST SP800-61 is a good reference for an organization to establish a security incident response process. It defines an incident handling action checklist in three stages. They are Detection and Analysis; Containment, Eradication, and Recovery, and Post-Incident Activity.

The table lists typical security activities during a security incident handling cycle:

Stage

Development Team

DevOps...

lock icon The rest of the chapter is locked
arrow left Previous Section
Section 5 of 8
Next Section arrow right
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Sign up now
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Start free trial
Renews at $15.99/month. Cancel anytime

Authors (1)

Profile icon Hsu
Hsu
LinkedIn icon
Tony Hsiang-Chih Hsu is a senior security architect, software development manager, and project manager with more than 20 years' experience in security services technology. He has extensive experience of the Secure Software Development Lifecycle (SSDLC) in relation to activities including secure architecture/design review, secure code review, threat modeling, automated security testing, and cloud service inspection. He is also an in-house SDL trainer, having offered hands-on courses totaling in more than 300 hours. He is also the author of Hands-on Security in DevOps, and a co-author of several Open Web Application Security Project (OWASP) projects, including the OWASP testing guide, a proactive control guide, deserialization, cryptographic, and the XXE prevention cheatsheet.
Read more
See other products by Hsu

Other recommended products

Related to this chapter
Left arrow icon
Practical Security Automation and Testing
Practical Security Automation and Testing
Read more
Security automation is the automatic handling of software security assessments tasks. This book helps you to build your security automation framework to scan for vulnerabilities without human intervention.
Read more
Feb 2019 8h 32m
Practical Cyber Intelligence
Practical Cyber Intelligence
Read more
Cyber intelligence is the missing link between your cyber defense operation teams, threat intelligence, and IT operations to provide your organization with a full spectrum of defensive capabilities. This book kicks off with the need for cyber intelligence and why it is required in terms of a defensive framework.
Read more
Mar 2018 10h 44m
CISSP (ISC)² Certification Practice Exams and Tests
CISSP (ISC)² Certification Practice Exams and Tests
Read more
With over 1000 practice questions, explanations of all 8 domains, and 2 full exams, this book is a fantastic exam prep solution. Take the CISSP exam (version May 2021) confidently with the help of mock questions and detailed solutions and validate your skills with the CISSP (ISC)2 certification.
Read more
Sep 2021 13h 12m
Information Security Handbook
Information Security Handbook
Read more
Having an information security mechanism is one of the most crucial factors for any organization. Important assets of organization demand a proper risk management and threat model for security, and so information security concepts are gaining a lot of traction. This book covers the concept of information security, and shows you why it's important.
Read more
Dec 2017 11h 0m
IoT Penetration Testing Cookbook
IoT Penetration Testing Cookbook
Read more
IoT is an upcoming trend in the IT industry today; there are a lot of IoT devices on the market but there is a minimal understanding of how to safeguard them. If you are a security enthusiast or pentester, this book will help you understand how to exploit and secure IoT devices. You will learn how to identify vulnerabilities in IoT device architecture and firmware using software and hardware pentesting techniques, and you'll also focus on various IoT exploitation techniques and security automation.
Read more
Nov 2017 15h 4m
Security Automation with Ansible 2
Security Automation with Ansible 2
Read more
Security automation is one of the most interesting skills to have nowadays. With over 750 automation modules, Ansible makes it easy for you to secure any part of your system—be it setting firewalls, providing authentication to users and groups, or setting custom security policies. It allows you to write automation procedures once and use them across your entire infrastructure. This book will teach you the best way to use Ansible for seemingly complex tasks by using the various building blocks available and creating solutions that are easy to teach others, store for later, perform version control on, and repeat.
Read more
Dec 2017 12h 8m
Network Vulnerability Assessment
Network Vulnerability Assessment
Read more
Being able to identify security loopholes has become critical to many businesses. That's where learning network security assessment becomes very important. This book will not only show you how to find out the system vulnerabilities but also help you build a network security threat model.
Read more
Aug 2018 8h 28m
Practical Industrial Internet of Things Security
Practical Industrial Internet of Things Security
Read more
This book provides you with a comprehensive understanding of Industrial IoT security; and practical methodologies to implement safe, resilient cyber-physical systems. It will help you develop a strong foundation and deeper insights on the entire gamut of securing connected industries, from the edge to the cloud.
Read more
Jul 2018 10h 48m
Infosec Strategies and Best Practices
Infosec Strategies and Best Practices
Read more
Information security strategies and best practices help in filling the gap that exists between theory and reality. The book starts by showing you how to implement risk management and governance structures into your organization and goes on to cover the best methods for operationalizing your information security strategy.
Read more
May 2021 9h 4m
Cloud Security Automation
Cloud Security Automation
Read more
In the current market, enterprise organizations are moving rapidly towards the cloud infrastructure because of its flexibility and cost effectiveness. Hence, it has become extremely important to have a security framework in place. Automating security functions will play a key role when it comes to cloud governance. This book supplies best security practices for locking down your public and private cloud.
Read more
Mar 2018 11h 8m
Practical Internet of Things Security
Practical Internet of Things Security
Read more
This book will take you on a journey that begins with understanding the IoT and how it can be applied in various industries, goes on to describe the security challenges associated with the IoT, and then provides a set of guidelines to architecting and deploying a secure IoT in your enterprise. The book showcases how the IoT is implemented in early-adopting industries and describes how lessons can be learned and shared across diverse industries to support a secure IoT.
Read more
Nov 2018 12h 44m
Incident Response in the Age of Cloud
Incident Response in the Age of Cloud
Read more
This book is a comprehensive guide for organizations on how to prepare for cyber-attacks and control cyber threats and network security breaches in a way that decreases damage, recovery time, and costs, facilitating the adaptation of existing strategies to cloud-based environments.
Read more
Feb 2021 20h 44m
Right arrow icon
Visually different images

Personalised recommendations for you

Based on your interests and search pattern
Left arrow icon
Mastering Palo Alto Networks
Mastering Palo Alto Networks
Read more
Mastering Palo Alto Networks is a hands-on guide that helps you progress from a beginner to an expert in configuring Palo Alto firewalls. It covers setup, management, and optimization with real-world examples for both on-prem and cloud environments.
Read more
May 2025 21h 32m
Cloud Native Anti-Patterns
Cloud Native Anti-Patterns
Read more
Uncover and fix cloud native anti-patterns across strategy, culture, security, and operations. This book guides you through the practical steps to avoid common traps and shift your organization toward cloud-native best practices that drive lasting success.
Read more
Mar 2025 14h 44m
AWS for System Administrators
AWS for System Administrators
Read more
Master the art of designing, deploying, and managing AWS infrastructure with industry best practices. You'll learn to automate workflows, optimize costs, and implement robust disaster recovery strategies for scalable cloud success.
Read more
May 2025 14h 12m
Kubernetes for Generative AI Solutions
Kubernetes for Generative AI Solutions
Read more
Learn step by step how to design, optimize, and deploy Generative AI projects on Kubernetes. Covering networking, observability, security, scaling, and cost optimization strategies, this guide takes you from first deployment to production excellence.
Read more
Jun 2025 11h 8m
Azure Cloud Projects
Azure Cloud Projects
Read more
Azure Cloud Projects offers a hands-on introduction to Microsoft Azure, designed to help you build real-world cloud solutions, develop job-ready skills, and apply best practices that are widely used across the cloud computing industry.
Read more
May 2025 8h 28m
Sustainable Cloud Development
Sustainable Cloud Development
Read more
This book introduces best practices for developing and deploying high-performing, eco-friendly cloud applications, helping you meet sustainability goals while delivering efficient cloud solutions.
Read more
Mar 2025 9h 12m
SLIs and SLOs Demystified
SLIs and SLOs Demystified
Read more
This comprehensive guide to reliability engineering dives deep into SLIs, SLOs, observability, and incident management. It shows you how to optimize system reliability and make data-driven decisions to balance performance and business goals.
Read more
Apr 2025 10h 0m
Right arrow icon