characteristics of a devops culture change

Characteristics Of ADevOps Culture Change

Atul Kumar

https://k21academy.com/youtube © Copyright 2020 | K21 Academy | All Rights Reserved

2

Certified DevOps Engineer with over 11 + years of hands on experience in architecting / automating and optimizing the mission critical application and deployments over large scale infrastructures.

Proficient with Configuration Management tools and in developing the CI/CD Pipelines across Enterprise grade applications.

MICROSOFT AZURE DEVOPS ENGINEER EXPERT Certified from Microsoft Corp.

Certified SRE & SAFE4 DevOps practitioner for Large Enterprises.

Subramani: DevOps Expert


3

Making Most Of Training


4

Getting Help

[email protected]


5

mailto:[email protected]

Making Best of Your Training

⮚ Live Interactive Session⮚ FREE Unlimited Retake for Next 1 Years

⮚ FREE On-Job Support for next 1 Years

⮚ Ask Questions & Make Session Interactive

⮚ Add Yourself in WhatsApp Group

⮚ Live Session Details http://k21academy.com/live

⮚ Ask as Many Questions as you can & make session interactive

⮚ Do Lots of Hands-On

⮚ Learn at your own Pace & Look How Far You have come

⮚ Share WIN


6

http://k21academy.com/live

DOFD

Module Agenda

Agenda: Module


8

Golden Circle of DevOps

Shift Lift Strategies

Rugged DevOps

DevSec Ops

DevChat Ops

Lesson 1: Golden Circleof DevOps


10

Purpose, Cause, BeliefReason organization exists

What Sets you apart

Products and services


11

The WHY?

The HOW?

The WHAT?

Supported by Learning and Growth

Lesson 2: Shift LiftStrategies


13

DevOps – Shift Strategies

Golden Circle of DevOps Test driven

development (TDD)

Performance testing

End-to-end use-case testing

Security testing

Manual testing

Testing in production

“Shifting left” is about building quality into the software development process. When you shift left, fewer things break in

production, because any issues are detected and resolved earlier.

Shift Left

Shift Right

Lesson 3: Rugged DevOps


15

Rugged DevOps

Rugged DevOps is a method that includes security practices as early in the continuous delivery pipeline as possible to increase cybersecurity, speed,

and quality of releases beyond what DevOps practices can yield alone

Rugged software development is a cultural approach to

creating available, survivable, defensible, secure, and

resilient software

Rugged organizations are comfortable with

instrumentation, experimentation and experience

It is not the same as DevSec Ops but related


16

Rugged DevOps Bigger Questions?

IS MY PIPELINE CONSUMING THIRD-

PARTY COMPONENTS, AND IF SO, ARE THEY

SECURE?

ARE THERE KNOWN VULNERABILITIES

WITHIN ANY OF THE THIRD-PARTY

SOFTWARE WE USE?

HOW QUICKLY CAN I DETECT

VULNERABILITIES (TIME TO DETECT)?

HOW QUICKLY CAN I REMEDIATE IDENTIFIED VULNERABILITIES (TIME

TO REMEDIATE)?

Security practices need to be as good and quick at detecting

potential security anomalies as other parts of the DevOps pipeline,

including infrastructure automation and code development.

Lesson 4: DevSec

Ops


18

The purpose and intent of DevSec Ops is to build on the mindset that "everyone is responsible

for security" with the goal of safely distributing security decisions at speed and scale to those who

hold the highest level of context without sacrificing the safety required

DevSec Ops

Introduces security as a code Embraces the “shift left” testing strategy Leverages automation for resilience, testing,

detection and audit


19

Why Needed?

The IT infrastructure landscape has

undergone exponential changes over the past

decade. The shift to agile cloud computing platforms, shared

storage and data, and dynamic applications has brought huge benefits to organizations looking to thrive and grow through

the use of advanced applications and services.

DevSecOps was introduced into

the software development

lifecycle to bring development,

operations and security

together under one umbrella.

Making security an equal consideration alongside

development and operations is a must for any organization

involved in application development and

distribution. When you integrate DevSecOps and

DevOps, every developer and network administrator has security at the front of their mind when developing and

deploying applications.


20

How to achieve?

1. A developer creates code within a version control management system.

2. The changes are committed to the version control management system.

3. Another developer retrieves the code from the version control management system and carries out analysis of the static code to identify any security defects or bugs in code quality.

4. An environment is then created, using an infrastructure-as-code tool, such as Chef. The application is deployed and security configurations are applied to the system.

5. A test automation suite is then executed against the newly deployed application, including back-end, UI, integration, security tests and API.

6. If the application passes these tests, it is deployed to a production environment.

7. This new production environment is monitored continuously to identify any active security threats to the system.


21

Categories of Dev-Sec-Ops

Code Security

Build Security

Artifact Security

Container Security

Architecture Security

Release Security

Open source Security

Software Security

Lesson 5: DevChat

Ops


23

DevChat Ops

Chat clients + chat bots = conversation-drivendevelopment, delivery and support

The Transparency of ChatOps shortens feedback loops, improves information sharing, enhances team collaboration and enables

cross-training. It can also be used to decrease MTTR.

https://www.facebook.com/K21Academy

http://twitter.com/k21Academy

https://www.linkedin.com/company/k21academy

https://www.youtube.com/k21academy

https://www.instagram.com/k21academy


24

Find Us

https://www.facebook.com/K21Academy

http://twitter.com/k21technologies

https://www.linkedin.com/company/k21technologies

https://www.youtube.com/k21academy

https://www.instagram.com/k21academy

characteristics of a devops culture change

Documents