Sign in to confirm you’re not a bot

This helps protect our community. Learn more

Sign in

Secure DevOps (DevSecOps)

Microsoft Reactor

Microsoft Reactor

114K subscribers

<__slot-el>

Subscribe

<__slot-el>

Subscribed

11

Share

Save

553 views Streamed 2 years ago

553 views • Streamed live on Feb 15, 2023

What is this session about? Today IT security is not something we care about after the system has been released but instead we must build security into our products and processes. We need to think about security when we write code to avoid exposing attack surfaces, we need to carefully assess the modules we base our solutions on and we need to make sure we continuously inspect the result of the security analysis. Last time we looked at the software development lifecycle and how we can automate the process using Azure DevOps and GitHub. This time we are going to extend the process to include security practices to limit the risk of introducing vulnerabilities in the product we build and release. If you have missed the previous session, you can view it here: https://aka.ms/ModernDevOps The topics covered are: What is DevSecOps? Secure development practices Static code scanning for vulnerabilities using GitHub Dynamic security analysis using OWAS [eventID:18184] ...more

...more

Live chat replay

See what others said about this video while it was live.

Open panel

Comments 1

Top comments

Newest first

Chapters

These chapters are auto-generated

Introduction

0:00

Recap

6:10

GitHub Advanced

13:43

Demo

17:13

pull requests

20:43

version update

21:23

compability number

22:03

dismiss alert

24:03

enable dependency graph

24:53

enable version updates

26:03

debug dependency graph

27:13

edit dependency graph

29:03

pull request

29:53

secret scanning

31:13

Dynamic security analysis

42:08

Zap

43:23

Security Code Scanning

44:43

Automation

45:33

Zap Action

47:53

Learn More

49:43

Zap Update

50:08

Questions

51:13

Road map to become a DevOps expert

56:23

Sync to video time

Description

Secure DevOps (DevSecOps)

What is this session about? Today IT security is not something we care about after the system has been released but instead we must build security into our products and processes. We need to think about security when we write code to avoid exposing attack surfaces, we need to carefully assess the modules we base our solutions on and we need to make sure we continuously inspect the result of the security analysis. Last time we looked at the software development lifecycle and how we can automate the process using Azure DevOps and GitHub. This time we are going to extend the process to include security practices to limit the risk of introducing vulnerabilities in the product we build and release. If you have missed the previous session, you can view it here: https://aka.ms/ModernDevOps The topics covered are: What is DevSecOps? Secure development practices Static code scanning for vulnerabilities using GitHub Dynamic security analysis using OWAS [eventID:18184]

Chapters

View all

Transcript

Follow along using the transcript.

Show transcript

Microsoft Reactor

114K subscribers

Videos

About

Reactor on Twitter

Reactor on Facebook

Reactor on Linkedin

Transcript

Show chat replay

58:10

Develop an AI agents with Semantic Kernel | #MVPConnect

Microsoft Reactor

512 views • Streamed 15 hours ago

New