Spearited Guidance: Learning About DevSecOps @QuintessenceAnx Developer Advocate @ PagerDuty

Don’t panic

The Now

Software Development Life Cycle

Vault over “The Wall” for Security Review

Software Development Life Cycle Security

DevSecOps

What is DevSecOps?

DevSecOps stands for development, security, and operations. DevSecOps seeks to integrate security across the SDLC and streamline the workflows between dev, sec, and ops.

What DevSecOps is not

DevSecOps is not replacing security with dev and/or ops, or expecting dev and/or ops to become security specialists, or expecting security to become devs and/or ops.

Phew.

How?

The Secure SDLC + Shifting Left

SecOps Activities
• Secure architecture / design
• Threat modeling
• Testing, e.g. SAST and DAST
• Scanning images and dependencies
• Fuzzing
• And more!

Shift Left

How?

Cultural Support

Humans.

Sharp end: High Risk, Low Power
Blunt end: Low Risk, High Power

Exec Buy-in

Never trick staff, ever.

Training

Full Service Ownership

Capture the Flag

Threat Modeling

Secure Incident Response

  1. Stop the attack in progress.
  2. Cut off the attack vector.
  3. Assemble the response team.
  4. Isolate affected instances.
  5. Identify timeline of attack.
  6. Identify compromised data.
  7. Assess risk to other systems.
  8. Assess risk of re-attack.
  9. Apply additional mitigations, make changes to monitoring, etc.
  10. Forensic analysis of compromised systems.
  11. Internal communication.
  12. Involve law enforcement.
  13. Reach out to external parties that may have been used as vector for attack.
  14. External communication.

Stop the attack in progress

Cut off the attack vector

Assemble the response team

Isolate the affected instances

Identify timeline of the attack

Identify compromised data

Assess risk to other systems

Assess risk of re-attack

Apply additional mitigations, additions to monitoring, etc.

Forensic analysis of compromised systems

Internal communication

Involve law enforcement

Reach out to external parties that may have been used as attack vectors

External communication

Resources & References noti.st/quintessence

PagerDuty Summit 22-25 June Register: pagerduty.com/events/

Questions? Quintessence Anx Developer Advocate noti.st/quintessence