DEV Community

Eng Soon Cheah
Eng Soon Cheah

Posted on • Updated on

Implement security for application lifecycle

#azure #security

Implement security validations for application development

  • DevOps practices offer an innovative approach to security:
    • Securing applications is a continuous, comprehensive process encompassing:
      • Secure infrastructure
      • Architectural design with layered security
      • Continuous security validation
      • Monitoring for attacks
  • CI/CD pipeline should include validation points:
    • IDE/pull request:
      • Using Git source control in Azure DevOps with branch policies
      • Requiring code review with each pull request
      • Linking commits to work items for auditing
    • CI:
      • Running static code analysis tests
    • Application deployment to DEV and TEST
      • Performing passive and active tests Alt text of image

Configure synthetic security transactions

  • Primary characteristics of synthetic transactions:
    • Represent the capability to check an application’s availability across a network
    • Are automated and self-contained
    • Simulate user transactions
  • Implementing synthetic user monitoring:
    • Requires authoring test clients that simulate user actions
    • Performs configurable but typical series of operations
    • Facilitates load testing by using multiple instances of the test client

Top comments (0)

Read next

aws-cloudsec profile image

Issue 60 of AWS Cloud Security Weekly

AJ -

wyattdave profile image

The Most Important Setting in Your Power Platform

david wyatt -

okoye_ndidiamaka_5e3b7d30 profile image

Serverless Architecture: A New Era in Application Development and Deployment

Okoye Ndidiamaka -

francotel profile image

Cómo Compartir un Secreto: Desglosando el Método de Adi Shamir para la Seguridad de Datos

francotel -