AMA: DevSecOps versus Secure SDLC

shehackspurple profile image Tanya Janca ・1 min read

In a recent 'Ask Me Anything' live stream, Tanya Janca of SheHacksPurple.dev discusses 'DevSecOps versus Secure SDLC'. This video is approximately 2.5 minutes.

  • DevSecOps is you as an AppSec professional, doing your job, in a DevOps environment.
  • A secure SDLC is when you add security activities to your system development lifecycle. Preferably in every phase of the SDLC, and formalized (devs cannot avoid it).
  • Examples of secure SDLC -Threat modelling during design -Adding security requirements & review during requirements gathering -Reviewing your design for security flaws and to ensure secure deign concepts are applied

Then Tanya gets off topic and talks about SheHacksPurple.dev.

Posted on Apr 19 by:


markdown guide

The title !!!! and the observations on the differences between the two topics - really liked it.

You might find useful these kubernetes tools