How to Build DevSecOps Pipeline as Code with Hasan Yasar

By Test Guild
  • Share:
Join the Guild for FREE
Hasan Yasar TestGuild DevOps Toolchain

About this DevOps Toolchain Episode:

Last week, I shared a session from a previous Automation Guild, but this week, I'd like to share a session from our previous SecureGuild. So here is a presentation by Hasan Yasar on How to build a DevSecOps Pipeline as Code!

You've heard the hype and read dozens of blog posts on DevSecOps. Finally, your organization has decided to make this cultural shift to take advantage of automation and the benefits of DevOps.

However, making this shift as an engineering team can often be cumbersome because many tech professionals still need to familiarize themselves with the technologies required to implement a complete DevOps pipeline, including security automation.

In this talk, Hasan will introduce Microcosm, a miniature, secure DevOps pipeline he developed at the SEI, available through infrastructure as code. Microcosm represents a miniature version of a secure DevOps pipeline compared to what you find in a large enterprise environment.

Listen up as Hassan goes over crucial principles of the DevSecOps pipeline and shares his lesson-learned examples with the Security community.

TestGuild DevOps Toolchain Exclusive Sponsor

Get real-time data on real-user experiences – really.

Latency is the silent killer of apps. It’s frustrating for the user and under the radar for you. It’s easily overlooked by standard error monitoring. But now BugSnag, one of the best production visibility solutions in the industry, has its own performance monitoring feature: Real User Monitoring. It detects and reports real-user performance data – in real-time –so you can rapidly identify lags. Plus gives you the context to fix them. Try out Bugsnag for free today. No credit card is required.

About Hasan Yasar

Hasan Yasar

Hasan Yasar is the Technical Director of Continuous Deployment of Capability group in Software Engineering Institute, CMU. Hasan leads an engineering group to enable, accelerate and assure Transformation at the speed of relevance by leveraging, DevSecOps, Agile, Lean AI/ML and other emerging technologies to create a Smart Software Platform/Pipeline. Hasan has more than 25 years’ experience as senior security engineer, software engineer, software architect and manager in all phases of secure software development and information modeling processes. He is also Adjunct Faculty member in CMU Heinz Collage and Institute of Software Research where he currently teaches “Software and Security” and “DevOps: Engineering for Deployment and Operations

Connect with Hasan Yasar

 

Rate and Review TestGuild DevOps Toolchain Podcast

Thanks again for listening to the show. If it has helped you in any way, shape or form, please share it using the social media buttons you see on the page. Additionally, reviews for the podcast on iTunes are extremely helpful and greatly appreciated! They do matter in the rankings of the show and I read each and every one of them.

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}
Brian Vallelunga TestGuild DevOps Toolchain

Centralized Secrets Management Without the Chaos with Brian Vallelunga

Posted on 09/25/2024

About this DevOps Toolchain Episode: Today, we're speaking with Brian Vallelunga, the founder ...

A person is speaking into a microphone on the "TestGuild News Show" with topics including weekly DevOps, automation, performance, and security testing. "Breaking News" is highlighted at the bottom.

Testing Castlevania, Playwright to Selenium Migration and More TGNS136

Posted on 09/23/2024

About This Episode: What game can teach testers to find edge cases and ...

Boris Arapovic TestGuild Automation Feature

Why Security Testing is an important skill for a QEs with Boris Arapovic

Posted on 09/22/2024

About This Episode: In this episode, we discuss what QE should know about ...