Discover how to implement DevSecOps in Azure through this comprehensive 52-minute conference talk by Victoria Almazova at NDC Conferences. Learn to navigate Azure's security and governance controls, starting with subscription-level security and progressing through secure application development, deployment, and production scanning for compliance. Gain insights into using Azure management groups, policies, blueprints, Security Center, DevOps, and security DevOps kits. Explore hands-on techniques for implementing and maintaining organizational security and compliance, avoiding common pitfalls, and efficiently utilizing security controls. Topics covered include statistics, security patterns, environment planning, policy application, CICD pipelines, static code analysis, penetration testing, and tools like AZS Toolkit and SPT Test.
Overview
Syllabus
Intro
About Victoria
Statistics
DevOps
Security Patterns
Plan wisely
Subscription per environment
Apply the policies
Security Center
CICD Pipeline
Management Groups
Policies
Development
Static code analysis
Azure DevOps
Phoenix Project
Security Code Analysis
Build Pipeline
Licensing
Pentesting
Release Pipeline
Release Report
AZS Toolkit
SPT Test
Taught by
NDC Conferences
Related Courses
-
AZ-400: Implement security and validate code bases for compliance
-
Implement DevSecOps in Azure
-
DevSecOps Fundamentals
-
SDLC for the DevSecOps Era - Adapting Application Security Techniques
-
How Not to Choke on a Big Old Project
-
Measuring DevSecOps - Building Metrics to Understand Effectiveness and Success
