2020年2月7日 星期五

Security testing in DevOps

Before we continue to talk about security testing in nowadays, you must aware
traditional security can't fit in DevOps.  Because the  major traditional security control
rely on "Separation of Duty", it is conflict with DevOps "take full responsibility".
Security must Change or Die in DevOps.

Emerging patterns for security in a DevOps world

Traditional Security
DevSecOps
Embrace secrecy
Create Feedback Loops
Just Pass Audit!
Compliance adds Value
Enforce Stability
Create Chaos
Build a wall
Zero Trust Network
Slow Validation
Fast and Non-blocking
Certainly Testing
Adversity Testing
Test when Done
Shift Left
Process Driven
The Paved Road

沒有留言:

Obsidian 插件介紹:Text Generator

Text Generator 是 Obsidian 的一個插件,它可以根據給定的提示自動生成文本。這個插件使用 GPT-3 語言模型,能夠產生類似人類的文本,非常適合編寫故事、文章、電子郵件和其他類型文本。 主要功能: **生成文本:**根據提示生成各種長度的...