DevSecOps: Integrating Security into DevOps – Part 8

Continuing from our previous blog, let’s explore some more advanced topics related to DevSecOps implementation. Continuous Compliance Continuous compliance is a practice that involves integrating compliance requirements into the software development lifecycle. By doing so, organizations can ensure that their software complies with regulatory requirements and internal security policies. Continuous compliance includes the following activities:…

Read More

DevSecOps: Integrating Security into DevOps – Part 7

Continuing from my previous blog, let’s explore some more advanced topics related to DevSecOps implementation. Automated Vulnerability Management Automated vulnerability management is a key practice in DevSecOps. It involves using automated tools to identify, prioritize, and remediate vulnerabilities in an organization’s systems and applications. Automated vulnerability management includes the following activities: Shift-Left Testing Shift-left testing…

Read More

DevSecOps: Integrating Security into DevOps – Part 6

Continuing from my previous blog, let’s explore some more advanced topics related to DevSecOps implementation. Threat Intelligence Threat intelligence is the process of gathering information about potential threats and vulnerabilities to an organization’s systems and applications. It involves collecting, analyzing, and disseminating information about potential threats, vulnerabilities, and threat actors. Threat intelligence includes the following…

Read More

DevSecOps: Integrating Security into DevOps – Part 3

Continuing from my previous blog, let’s explore some more advanced topics related to DevSecOps implementation. Shift-Left Testing One of the key concepts in DevSecOps is shift-left testing. This means shifting security testing as far left in the software development process as possible. This helps identify security issues early in the development process, which is much…

Read More

NDepend–VSTS/Azure DevOps Integration–Part 01

In my previous article I wrote an introductory about NDepend and how it will be useful for Agile Team to ensure code quality. In that article we found how we can use NDepend in a developer machine. Now with this article we will familiarize ourselves in using NDepend in your build automation pipeline in your…

Read More

Introduction to NDepend : Static Code Analysis Tool

As a developer, you always have to take the pain of getting adapted to the best practices and coding guidelines to be followed as per the organizational or industrial standards.  Easy way to ensure your coding style follows certain standard is to manually analyze your code or use a static code analyzer like FxCop, StyleCop…

Read More