I attended re-invent:2022 in Las Vegas and had a great opportunity to connect with AWS developers and attend the sessions they offered. Here is one of the sessions on DevSecOps.
- Best prcatices for Securing your software delivery lifecycle
James Bland, Global Tech Lead - DevOps, AWSCurtis Rissi, Principal Specialist Solutions Architect, AWS
- session information
- Format: Breakout Session
- Level: 300 - Advanced
In this session, learn about ways you can secure your CI/CD pipeline on AWS. Review topics like security of the pipeline versus security in the pipeline, ways to incorporate security checkpoints across various pipeline stages, security event management, and aggregating vulnerability findings into a single pane of glass. Also discuss best practices, processes, and tools that can improve an organization’s ability to deliver applications and services in a secure manner.
In this session, attendees learned how to implement security at each phase of the software delivery lifecycle. James also pointed out that in today's world, bad actors are not trying to attack through the main door that we are preventing with IPS and IDS, but are finding other ways to crack systems.
I encourage everyone to watch this session to learn how each tool works for specific best practices and to be able to configure them.