Finding Tools for DevSecOps

  /     /     /  
Publicated : 22/11/2024   Category : security


Finding Tools for DevSecOps


Finding the right tools can be the start of the right path toward DevSecOps. Heres how to start the hunt.



When
DevSecOps are defined
it can begin a process. But ultimately process requires tools to become practice. Where do you go to find tools to use when an organization wants to move beyond theory adding security to DevOps?
The good news is that there are sources for tools, and the better news is that there are some third-party lists for those tools. Depending on just how dedicated your organization is to the principles of open source, one resource might be the only directory you need to get started, but in any case, your organization will not be left without options.
GitHub
GitHub, the code-repository resource that has become the home to thousands of open source projects and software-designer portfolios, has a
page dedicated to DevSecOps
. The page, modestly titled Awesome DevSecOps, features resources ranging from automation and testing tools to podcasts and conferences.
Many of the resources listed on Awesome DevSecOps are valuable whether youre moving in the DevOps world or not. For example,
WebGoat
is a basic resource for learning web app security no matter which development discipline youre using. In the same way, while team-wide communication is critical for DevSecOps (and DevOps in general), theres nothing DevOps-specific about
Slack
or
HipChat
. Taken as a whole, though, the GitHub page may be the single resource that is currently most comprehensive when it comes to tools for those in starting down the DevSecOps path.
Virtualizing the Cable Architecture @ SCTE/ISBEs Cable-Tec Expo
Youre invited to attend Light Readings
Virtualizing the Cable Architecture event
– a free breakfast panel at SCTE/ISBEs Cable-Tec Expo on October 18 featuring Comcasts Rob Howald and Charters John Dickinson.
That doesnt mean its the only resource, though. DevSecOps.org has
links to tools and references
that those getting started in the field would find useful. There are also links to projects, presentations, and even comics on the site, as well as a way to join the Linkedin group run by this group of security professionals.
It should be noted that, as with an group of volunteers, activity can wax and wane, and some of the sections havent been refreshed in a while. The principles expressed are still useful, though, and beginners will find a great deal to help them on their way in the pages.
In addition to these two sites, there are a number of vendor-sponsored sites and pages that deal with the tools and practices around DevSecOps. They arent listed here -- thats what Google is for.
The fact is that most tools used in DevSecOps are common to the tools used in DevOps. There are scores of sites available for finding those, though GitHub once again provides a
good place to start
. As with DevOps, agile, and all the variations on them that are scattered around the enterprise development and operations landscape, the biggest tool that any organization can have is a willingness to change coupled with champions able to muscle, cajole, and inspire teams through the rough spots.
Related posts:
Cybercrime Is North Koreas Biggest Threat
Digital Identity Will Drive Revenue & Reduce Risk
Rackspace Strengthens Its Managed Security Story
— Curtis Franklin is the editor of
SecurityNow.com
. Follow him on Twitter
@kg4gwa
.

Last News

▸ ArcSight prepares for future at user conference post HP acquisition. ◂
Discovered: 07/01/2025
Category: security

▸ Samsung Epic 4G: First To Use Media Hub ◂
Discovered: 07/01/2025
Category: security

▸ Many third-party software fails security tests ◂
Discovered: 07/01/2025
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Finding Tools for DevSecOps