Chap 0. Preface
This book DOES:
- Try to provide a definition of DevSecOps
- Provide patterns of success in DevSecOps
- Expose some of the technologies & practices involved in large DevSecOps deployments
This book DOESN’T:
- Provide a comprehensive step-by-step guide to implementing DevSecOps
- Cover all software tools that an organization might use in DevSecOps
What Is DevSecOps?
DevSecOps is
- a set of agile & iterative practices that help to
  - deliver software & technology systems rapidly, accurately, and repeatedly,
    - emphasizing people & processes above tools.
- a culture
  - testing & security are an extension of development
  - automation & scripting are emphasized
DevSecOps allows people to
- use processes & tools to
- rapidly & repeatedly improve the quality of software.
Who Is This Book For?
Anyone interested in:
- DevSecOps (& DevOps):
  - may be involved in development, security, operations or not
  - have a computing background or not
- the practices/processes in DevSecOps, e.g.
  - write code, commit, push and have tests automatically executed on that code
  - scaling across multiple clouds seamlessly
How This Book Is Organized
- Chap 1. The Need for DevSecOps
  - How software was developed with methodologies like Waterfall and Agile
  - How software is developed with DevSecOps
  - The need to tear down department silos & places
  - The importance of culture in DevSecOps
- Chap 2. Foundational Knowledge in 25 Pages or Less
  - What you need to know to be successful in DevSecOps
- Chap 3. Integrating Security
  - OWASP ZAP tool
- Chap 4. Managing Code and Testing
  - git, Gitflow pattern in DevSecOps
  - Levels of testing
- Chap 5. Moving Toward Deployment
  - Configuration management as code
  - Docker
  - Build a local registry
- Chap 6. Deploy, Operate, and Monitor
  - Use Ansible and Jenkins for code building and deployment
  - Monitoring & its best practices
- Chap 7. Plan and Expand
  - Kubernetes: Clustering & expanding the deployment in an organization
- Chap 8. Beyond DevSecOps
  - 5 patterns & takeaways from successful DevSecOps organizations