Team with DevOps Transform your Security · Open and clear communication – ensuring that the team...
Transcript of Team with DevOps Transform your Security · Open and clear communication – ensuring that the team...
![Page 1: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/1.jpg)
© Copyright 2018 Pivotal Software, Inc. All rights Reserved. Version 1.0
Paul Czarkowski@pczarkowski
Transform your Security Team with DevOps
![Page 2: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/2.jpg)
© Copyright 2018 Pivotal Software, Inc. All rights Reserved. Version 1.0
Paul Czarkowski@pczarkowski
Transform your DevOps Practice with Security
![Page 3: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/3.jpg)
![Page 4: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/4.jpg)
Cover w/ Image
Agenda
■ Who I Am
■ Compliance
■ DevOps
■ DevOps + Compliance
■ Q+A
![Page 5: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/5.jpg)
Compliance ?
![Page 6: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/6.jpg)
What is Compliance ?
Self Imposed
● CIS Controls / Benchmarks
● Security Technical Implementation Guide (STIG)
● Allowed opensource licenses
Regulatory
● PCI (US)
● HIPAA (US)
● Sarbanes-Oxley (US)
● EU GDPR
● NZ Information Security Manual (NZISM)
![Page 7: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/7.jpg)
Verification
Validation of compliance based onControls in place.
● Checklists● External Auditors
Checklists
Practice, Policy or Procedure established to meet compliance
requirements.
● Spreadsheets● Checklists● Sharepoint Pages
Specifications
Documentation of requirements that need to be met in order to be
compliant.
● PDFs● Verbose
Compliance Controls Audit
![Page 8: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/8.jpg)
Example of Compliance Specifications
![Page 9: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/9.jpg)
Example of Compliance Specifications
![Page 10: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/10.jpg)
![Page 11: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/11.jpg)
ComplianceOfficer Operations Security
Officer Auditor
![Page 12: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/12.jpg)
DevOps
![Page 13: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/13.jpg)
![Page 14: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/14.jpg)
![Page 15: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/15.jpg)
![Page 16: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/16.jpg)
![Page 17: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/17.jpg)
![Page 18: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/18.jpg)
![Page 19: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/19.jpg)
http://blog.d2-si.fr/2016/02/22/devopsconnection/
![Page 20: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/20.jpg)
![Page 21: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/21.jpg)
Rugged DevOps
DevSecOps
Secure DevOps
![Page 22: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/22.jpg)
https://www.devsecopsdays.com/articles/its-just-a-name
![Page 23: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/23.jpg)
![Page 24: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/24.jpg)
![Page 25: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/25.jpg)
DevOps + Compliance
![Page 26: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/26.jpg)
Embedded OS(Windows & Linux)
NSX-T
CPI (15 methods)
v1
v2
v3...
CVEs
Product UpdatesJava | .NET | NodeJS
Pivotal Application Service (PAS)
Application Code & Frameworks Buildpacks | Spring Boot | Spring Cloud |
Steeltoe
Elastic | Packaged Software | Spark
Pivotal Container Service (PKS)
>cf push >kubectl run
YOU build the containerWE build the container
vSphereAzure &
Azure StackGoogle CloudAWSOpenstack
PivotalNetwork
“3Rs”
Github
Concourse
Concourse
Pivotal ServicesMarketplace
Pivotal and Partner Products
Continuousdelivery
Public Cloud Services
Customer Managed Services
Ope
n S
ervi
ce B
roke
r A
PI
Repair — CVEs
Repave Rotate — Credhub
![Page 27: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/27.jpg)
PIVOTAL CLOUD FOUNDRY OPS
Powered by BOSH
BOSH is an open source tool for release engineering, deployment, lifecycle management, and monitoring of distributed systems.
BOSHPackaging w/ embedded OS
Server provisioning on any IaaS
Software deployment across availability zones
Health monitoring (server AND processes)
Self-healing w/ Resurrector
Storage management
Rolling upgrades via canaries
Easy scaling of clusters
![Page 28: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/28.jpg)
PIVOTAL CLOUD FOUNDRY OPS
Powered by BOSH
BOSH is an open source tool for release engineering, deployment, lifecycle management, and monitoring of distributed systems.
BOSHPackaging w/ embedded OS
Server provisioning on any IaaS
Software deployment across availability zones
Health monitoring (server AND processes)
Self-healing w/ Resurrector
Storage management
Rolling upgrades via canaries
Easy scaling of clusters
![Page 29: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/29.jpg)
PIVOTAL CLOUD FOUNDRY OPS
Powered by BOSH
BOSH is an open source tool for release engineering, deployment, lifecycle management, and monitoring of distributed systems.
BOSHPackaging w/ embedded OS
Server provisioning on any IaaS
Software deployment across availability zones
Health monitoring (server AND processes)
Self-healing w/ Resurrector
Storage management
Rolling upgrades via canaries
Easy scaling of clusters
![Page 30: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/30.jpg)
![Page 31: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/31.jpg)
![Page 32: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/32.jpg)
![Page 33: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/33.jpg)
![Page 34: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/34.jpg)
![Page 35: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/35.jpg)
![Page 36: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/36.jpg)
![Page 37: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/37.jpg)
Culture
![Page 38: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/38.jpg)
![Page 39: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/39.jpg)
Adopting a DevOps culture
Despite varying approaches to describing high-performance teams there is a set of common characteristics that are recognised to lead to success.
● Participative leadership – using a democratic leadership style that involves and engages team members● Effective decision-making – using a blend of rational and intuitive decision making methods, depending on that
nature of the decision task● Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective
communication methods and channels● Valued diversity – valuing a diversity of experience and background in team, contributing to a diversity of
viewpoints, leading to better decision making and solutions● Mutual trust – trusting in other team members and trusting in the team as an entity● Clear goals – goals that are developed using SMART criteria; also each goal must have personal meaning and
resonance for each team member, building commitment and engagement● Defined roles and responsibilities – each team member understands what they must do (and what they must not
do) to demonstrate their commitment to the team and to support team success● Positive atmosphere – an overall team culture that is open, transparent, positive, future-focused and able to
deliver success
https://en.wikipedia.org/wiki/High-performance_teams
![Page 40: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/40.jpg)
Lean
![Page 41: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/41.jpg)
https://imgur.com/gallery/kMJWs
![Page 42: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/42.jpg)
https://www.slideshare.net/KarenMartinGroup/value-stream-mapping-in-office-service-setttings
![Page 43: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/43.jpg)
Mappable Processes that include Security / Compliance
Application Release
● Vulnerability Scanning
● Security Scanning (sql injection etc)
● License Scanning
● Attribution
Compliance Audits
● Vulnerability Scanning
● Security Scanning (sql injection etc)
● Package updates
● OS inspection
Infrastructure Provisioning
● OS Hardening
● Firewalling
● User Management
● Remote logging and auditing
● Intrusion Detection
● Vulnerability Scanning
![Page 44: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/44.jpg)
Value Stream map for Provisioning a New Server
Current State
PrepareRequest
Network/ VLANs
Launch VM/ Install OS
Test Compliance Deliver
1-5days
1-5days
1-5days
1-5days
1-2days
1-2days
1-2days
1-2days
![Page 45: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/45.jpg)
Value Stream map for Provisioning a New Server
Future State
Deploy VM
ConfigureVM
Test Compliance Deliver
1-5days
1-5days
1-5days
1-2hours
1-2hours
1-2Hours
![Page 46: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/46.jpg)
Value Stream map for Provisioning a New Server
Future State
![Page 47: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/47.jpg)
![Page 48: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/48.jpg)
Automation
![Page 49: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/49.jpg)
![Page 50: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/50.jpg)
● Implements STIG controls via Ansible playbooks● Opensource project started at Rackspace● Plays well with existing config management● Easily override problematic controls
● Extends RSPEC for Compliance testing● Similar to Serverspec, but better.● Easy to go from serverspec to inspec● Inspec-STIG is all of STIG already written into
inspec tests.
![Page 51: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/51.jpg)
Source: @petecheslock
![Page 52: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/52.jpg)
Example of Compliance Specifications
![Page 53: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/53.jpg)
![Page 54: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/54.jpg)
![Page 55: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/55.jpg)
![Page 56: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/56.jpg)
![Page 57: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/57.jpg)
![Page 58: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/58.jpg)
![Page 59: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/59.jpg)
![Page 60: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/60.jpg)
![Page 61: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/61.jpg)
Measurement
![Page 62: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/62.jpg)
![Page 63: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/63.jpg)
![Page 64: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/64.jpg)
Sharing
![Page 65: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/65.jpg)
![Page 66: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/66.jpg)
What’s Next ?
![Page 67: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/67.jpg)
Other Security / Compliance tools
● Gauntlt ( Security Testing Framework )
● Metasploit ( Penetration Testing)
● Syntribos ( API security testing)
● Pivotal LicenseFinder ( Scanning licenses of dependencies )
● Snort ( Intrusion Detection )
● Fossology ( license compliance )
● OpenVAS ( vulnerability scanning )
● OSSEC ( Intrustion Detection )
![Page 68: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/68.jpg)
Questions ?
![Page 69: Team with DevOps Transform your Security · Open and clear communication – ensuring that the team mutually constructs shared meaning, using effective communication methods and channels](https://reader034.fdocuments.us/reader034/viewer/2022050215/5f61393ad6873f58da75b458/html5/thumbnails/69.jpg)
Transforming How The World Builds Software
© Copyright 2018 Pivotal Software, Inc. All rights Reserved.