A team advancing towards integrating an extensively-defined “security” into DevOps faces concerns such as:
-
Security of the CI/CD Pipeline
: authentication required to push changes, login tracking, key management, secure storage of build artifacts, etc.
-
Security in the CI/CD Pipeline
: automated security testing, static code analysis, etc.
-
Security Automation
: configuration management, automated incident response and forensics, secure backups, log monitoring, etc