How to Build DevSecOps Pipeline as Code with Hasan Yasar

By Test Guild
  • Share:
Join the Guild for FREE
Hasan Yasar TestGuild DevOps Toolchain

About this DevOps Toolchain Episode:

Last week, I shared a session from a previous Automation Guild, but this week, I'd like to share a session from our previous SecureGuild. So here is a presentation by Hasan Yasar on How to build a DevSecOps Pipeline as Code!

You've heard the hype and read dozens of blog posts on DevSecOps. Finally, your organization has decided to make this cultural shift to take advantage of automation and the benefits of DevOps.

However, making this shift as an engineering team can often be cumbersome because many tech professionals still need to familiarize themselves with the technologies required to implement a complete DevOps pipeline, including security automation.

In this talk, Hasan will introduce Microcosm, a miniature, secure DevOps pipeline he developed at the SEI, available through infrastructure as code. Microcosm represents a miniature version of a secure DevOps pipeline compared to what you find in a large enterprise environment.

Listen up as Hassan goes over crucial principles of the DevSecOps pipeline and shares his lesson-learned examples with the Security community.

TestGuild DevOps Toolchain Exclusive Sponsor

Get real-time data on real-user experiences – really.

Latency is the silent killer of apps. It’s frustrating for the user and under the radar for you. It’s easily overlooked by standard error monitoring. But now BugSnag, one of the best production visibility solutions in the industry, has its own performance monitoring feature: Real User Monitoring. It detects and reports real-user performance data – in real-time –so you can rapidly identify lags. Plus gives you the context to fix them. Try out Bugsnag for free today. No credit card is required.

About Hasan Yasar

Hasan Yasar

Hasan Yasar is the Technical Director of Continuous Deployment of Capability group in Software Engineering Institute, CMU. Hasan leads an engineering group to enable, accelerate and assure Transformation at the speed of relevance by leveraging, DevSecOps, Agile, Lean AI/ML and other emerging technologies to create a Smart Software Platform/Pipeline. Hasan has more than 25 years’ experience as senior security engineer, software engineer, software architect and manager in all phases of secure software development and information modeling processes. He is also Adjunct Faculty member in CMU Heinz Collage and Institute of Software Research where he currently teaches “Software and Security” and “DevOps: Engineering for Deployment and Operations

Connect with Hasan Yasar

 

Rate and Review TestGuild DevOps Toolchain Podcast

Thanks again for listening to the show. If it has helped you in any way, shape or form, please share it using the social media buttons you see on the page. Additionally, reviews for the podcast on iTunes are extremely helpful and greatly appreciated! They do matter in the rankings of the show and I read each and every one of them.

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}
A person is speaking into a microphone on the "TestGuild News Show" with topics including weekly DevOps, automation, performance, and security testing. "Breaking News" is highlighted at the bottom.

SimpleQA, Playwright in DevOps, Testing too big? TGNS140

Posted on 11/04/2024

About This Episode: Are your tests too big? How can you use AI-powered ...

Mudit Singh TestGuild Automation Feature

AI as Your Testing Assistant with Mudit Singh

Posted on 11/03/2024

About This Episode: In this episode, we explore the future of automation, where ...

Eli Farhood TestGuild DevOps Toolchain

The Emerging Threats of AI with Eli Farhood

Posted on 10/30/2024

About this DevOps Toolchain Episode: Today, you're in for a treat with Eli ...