Implementing Security to your DevOps Pipeline

09Oct

Implementing Security to your DevOps Pipeline

Srivatsa M S | VSTS, DevOps, Visual Studio | VSTS | 1 Comments | Return

Hi all, today in this post I'm gonna talk about "Implementing Security to your DevOps Pipeline using VSTS and White Source Bolt (DevSecOps)".

As we all know the trends that we are seeing out in the market, lot of buzz words are being heard and DevOps being 1 of them . People are adopting the process to deliver high value to their customers. As the definition goes "DevOps is the union of People, Process and Products to enable Continuous Delivery of value to our end users". While adopting the DevOps, it's not about going fast but also to look that you don't fall off a cliff. It's great to go fast but also check out for the security even before your code moves to the deployment environments. Implementing security is a big concern and a challenge as well. For example checking the vulnerable open source components, outdated libraries, license compliance issues if any etc.

DevOps + automated security & compliance = Rugged DevOps

With Visual Studio Team Services, we can implement security to our DevOps pipeline using WhiteSource extensions as part of the build process. This ensures that if there are any vulnerabilities with the code, or the libraries that are being used, it detects and gives a catalogue where you can go and have a fix first and then safely push your code to the desired environments making sure that you are secured enough to go and deliver value to your end users without any security complaints.

Stay tuned for more information on setting up the pipeline....!

VMSS deployment Using Custom VM Image

In this blog we will see the VMSS update by using an image with Rolling upgrade policy.Prerequisites...

Azure DevOps - “Sign-in required” issue while trying to assign user to a work item

Scenario – You are trying to assign a work item to your colleague but unable to assign as it shows ...

Roles in DevOps Mobile App Development

DevOps can be defined as an approach to enable seamless application delivery from inception to produ...

What is DevOps and why Enterprises are serious about it?

The term DevOps is becoming increasingly familiar as more and more companies are interested in imple...

How to Prevent Users from Moving Task to Closed State with a non-Zero value Remaining Work field in VSTS/TFS

In this Blog I am going to explain how we can customize Task in VSTS/TFS to Prevent Users from Movin...

DevOps with Visual Studio Team Services for Java

Hi All, if you are worrying how to do DevOps for Java in VSTS, here is the solution. I’m going to e...

VSTS Rollup Service - How to use

Hi All, Here i'm going to explain How VST...

VSTS Rollup Service - Setup

Hi All, if you are worrying how to calculate sum of the effort fields in VSTS, here is the solution....

VSTS Area Uploader

VSTS Area Uploader helps you to upload Areas (with multiple level) to your VSTS Team Projects from a...

VSTS Copy Dashboard Tool

The Copy Dashboard tool replicates/copies the existing dashboard from one team to either single or m...

Share

Comments

akhilpatel

Thanks for your post! Through your pen I found the problem up interesting! I believe there are many other people who are interested in them just like me! Thanks your shared!... I hope you will continue to have similar posts to share with everyone! I believe a lot of people will be surprised to read this article! Best DevOps online training in hyderabad

3/3/2020 6:17:49 PM | Reply

Post a Comment

Recent
Popular
Tag

VMSS deployment Using Custom VM Image

M Shanmukhanath Reddy 7/9/2020 11:52:00 AM

VMSS, Azure DevOps

In this blog we will see the VMSS update by using an image with Rolling upgrade policy.Prerequisites:Create a VM image in the portal to update the VMSS with that image.VMSS needs to be created with th...
Ansible Playbooks

Shaik Rabbani 6/22/2020 11:37:00 AM

Ansible Playbooks

Playbooks are nothing but files consisting of your written code, and they are written in YAML language, which defines the tasks and executes them through the Ansible. Playbooks may include one or more...
DevOps Strategies for Enabling Efficient Application Development for Software Companies during COVID-19

Nagaraj B Bhairaji 6/2/2020 12:31:00 PM

The COVID-19 pandemic has been unprecedented, and the entire IT industry has been forced to rethink and innovate practices to ensure continued support for critical operations and delivering quality so...
Ansible Ad-Hoc Commands and Playbooks

Shaik Rabbani 6/1/2020 11:51:00 AM

Ansible Ad-Hoc Commands

An ansible ad-hoc command is a one-line command that lets you perform basic tasks efficiently without writing playbooks. An Ansible ad-hoc command uses ansible command-line tool to automate a single t...

How to Install TestNG framework (Step by Step installation process)

Sowmya V 9/26/2014 12:58:00 PM

TestNG framework

Steps to Install Eclipse using install new Software:Step 1: In Eclipse, on top menu bar, Under Help Menu, Click on "Install new Software" in help window. Step 2: Enter the URL (http://b...
Token Based Authentication for Web API's

Deviprasad Kotian 8/8/2017 10:55:00 AM

MVC, Web API, ASP.NET, Authentication

Securing ASP.NET Web API using Custom Token Based AuthenticationProviding a security to the Web API’s is important so that we can restrict the users to access to it. We can provide the security ...
Handling Radio buttons and Checkboxes using Selenium Webdriver

Giridhar B S 4/25/2016 11:08:00 AM

Automation, Selenium, Software Testing

The main difference between Radio button and Checkbox is that, using radio button we will be able to select only one option from the options available. whereas using checkbox, we can select multiple o...
How to Host your Webpages on Google Drive

Ranganath Vishwanath 5/6/2014 9:47:00 AM

hosting, google drive

If you want to host your webpages quickly but don't have any web sever to host, then google drive is a greate alternative. You can use Google Drive to host your basic websites or even complex java...

Contact Us