{"product_id":"implementing-devsecops-practices-vandana-verma-sehgal-9781803231495","title":"Implementing DevSecOps Practices: Supercharge your software security with DevSecOps excellence","description":"\u003cp\u003e\u003cstrong\u003eGet to grips with application security, secure coding, and DevSecOps practices to implement in your development pipeline\u003c\/strong\u003e\u003c\/p\u003eKey Features\u003cul\u003e\n\u003cli\u003eUnderstand security posture management to maintain a resilient operational environment\u003c\/li\u003e\n\u003cli\u003eMaster DevOps security and blend it with software engineering to create robust security protocols\u003c\/li\u003e\n\u003cli\u003eAdopt the left-shift approach to integrate early-stage security in DevSecOps\u003c\/li\u003e\n\u003cli\u003ePurchase of the print or Kindle book includes a free PDF eBook\u003c\/li\u003e\n\u003c\/ul\u003eBook Description\u003cp\u003eDevSecOps is built on the idea that everyone is responsible for security, with the goal of safely distributing security decisions at speed and scale to those who hold the highest level of context. This practice of integrating security into every stage of the development process helps improve both the security and overall quality of the software. This book will help you get to grips with DevSecOps and show you how to implement it, starting with a brief introduction to DevOps, DevSecOps, and their underlying principles.\u003c\/p\u003e\u003cp\u003eAfter understanding the principles, you'll dig deeper into different topics concerning application security and secure coding before learning about the secure development lifecycle and how to perform threat modeling properly. You'll also explore a range of tools available for these tasks, as well as best practices for developing secure code and embedding security and policy into your application. Finally, you'll look at automation and infrastructure security with a focus on continuous security testing, infrastructure as code (IaC), protecting DevOps tools, and learning about the software supply chain.\u003c\/p\u003e\u003cp\u003eBy the end of this book, you'll know how to apply application security, safe coding, and DevSecOps practices in your development pipeline to create robust security protocols.\u003c\/p\u003eWhat you will learn\u003cul\u003e\n\u003cli\u003eFind out how DevSecOps unifies security and DevOps, bridging a significant cybersecurity gap\u003c\/li\u003e\n\u003cli\u003eDiscover how CI\/CD pipelines can incorporate security checks for automatic vulnerability detection\u003c\/li\u003e\n\u003cli\u003eUnderstand why threat modeling is indispensable for early vulnerability identification and action\u003c\/li\u003e\n\u003cli\u003eExplore chaos engineering tests to monitor how systems perform in chaotic security scenarios\u003c\/li\u003e\n\u003cli\u003eFind out how SAST pre-checks code and how DAST finds live-app vulnerabilities during runtime\u003c\/li\u003e\n\u003cli\u003ePerform real-time monitoring via observability and its criticality for security management\u003c\/li\u003e\n\u003c\/ul\u003eWho this book is for\u003cp\u003eThis book is for DevSecOps engineers and application security engineers. Developers, pentesters, and information security analysts will also find plenty of useful information in this book. Prior knowledge of the software development process and programming logic is beneficial, but not required.\u003c\/p\u003eTable of Contents\u003col\u003e\n\u003cli\u003eIntroducing DevSecOps\u003c\/li\u003e\n\u003cli\u003eDevSecOps Principles\u003c\/li\u003e\n\u003cli\u003eUnderstanding the Security Posture\u003c\/li\u003e\n\u003cli\u003eUnderstanding Observability\u003c\/li\u003e\n\u003cli\u003eUnderstanding Chaos Engineering\u003c\/li\u003e\n\u003cli\u003eContinuous Integration and Continuous Deployment\u003c\/li\u003e\n\u003cli\u003eThreat Modeling\u003c\/li\u003e\n\u003cli\u003eSoftware Composition Analysis (SCA)\u003c\/li\u003e\n\u003cli\u003eStatic Application Security Testing (SAST)\u003c\/li\u003e\n\u003cli\u003eInfrastructure-as-Code (IaC) Scanning\u003c\/li\u003e\n\u003cli\u003eDynamic Application Security Testing (DAST)\u003c\/li\u003e\n\u003cli\u003eSetting Up a DevSecOps Program with Open Source Tools\u003c\/li\u003e\n\u003cli\u003eLicenses Compliance, Code Coverage, and Baseline Policies\u003c\/li\u003e\n\u003cli\u003eSetting Up a Security Champions Program\u003c\/li\u003e\n\u003cli\u003eCase Studies\u003c\/li\u003e\n\u003cli\u003eConclusion\u003c\/li\u003e\n\u003c\/ol\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eAuthor:\u003c\/b\u003e Vandana Verma Sehgal\u003cbr\u003e\u003cb\u003eISBN-10:\u003c\/b\u003e 1803231491\u003cbr\u003e\u003cb\u003eISBN-13:\u003c\/b\u003e 9781803231495\u003cbr\u003e\u003cb\u003ePublisher:\u003c\/b\u003e Packt Publishing\u003cbr\u003e\u003cb\u003eLanguage:\u003c\/b\u003e English\u003cbr\u003e\u003cb\u003ePublished:\u003c\/b\u003e 12\/22\/2023\u003cbr\u003e\u003cb\u003ePages:\u003c\/b\u003e 258\u003cbr\u003e\u003cb\u003eFormat:\u003c\/b\u003e Paperback\u003cbr\u003e\u003cb\u003eWeight:\u003c\/b\u003e 0.99lbs\u003cbr\u003e\u003cb\u003eSize:\u003c\/b\u003e 9.25h x 7.50w x 0.54d","brand":"Vandana Verma Sehgal","offers":[{"title":"Paperback","offer_id":44652173164799,"sku":"9781803231495","price":34.99,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0662\/2982\/9887\/files\/img_b6db1d64-f6f9-4b78-824e-981d9bc69347.jpg?v=1704214900","url":"https:\/\/www.whiterainbookhouse.com\/products\/implementing-devsecops-practices-vandana-verma-sehgal-9781803231495","provider":"WR Book House","version":"1.0","type":"link"}