90DaysOfDevOps day 2 - DevSecOps

AugustasV · Jan 20, 2024 · 0aecbe2 · 0aecbe2
1 parent 62a2fcf
commit 0aecbe2
Show file tree

Hide file tree

Showing 4 changed files with 17 additions and 2 deletions.
diff --git a/20230324163614/README.md b/20230324163614/README.md
@@ -0,0 +1,13 @@
+# 90DaysOfDevOps day 2 - DevSecOps
+
+* Include DevSecOps methods as early in development life cycle as possible continuation of DevOps
+* I hear and I forget. I see and I remember. I do and I understand. - Confucius
+* Trivy scanner could show critical vulnerabilities in docker images. Alternatives as security tool to consider Aqua Security, Snyk.
+* It should be collaboration between different it teams.
+* Cybersecurity focuses more on internal network, data, application security, DevSecops more about software CI/CD cycle improvements, collaboration between teams.
+* Observability - is to know how application observable, if we really know how it works.
+* Integrating security in developent stage, because security breaches could cost alot to fix if found out in production stage.
+* Security related tasks should be included in the backlog
+* Tesla over air updates run smoothly, one beta version, after two days another one, smooth rollback process.
+
+Source: [90DaysOfDevops day 2 DevSecOps](https://github.com/MichaelCade/90DaysOfDevOps/blob/main/2023/day02.md)
diff --git a/dex/changes.md b/dex/changes.md
@@ -1,5 +1,6 @@
-* 2024-01-19 21:50:06Z [90DaysOfDevOps - Day 1](../20230324163613)
+* 2024-01-20 22:00:27Z [90DaysOfDevOps day 2 - DevSecOps](../20230324163614)
 * 2024-01-19 22:25:24Z [Get started Software Engineering learning resources](../20221107092258)
+* 2024-01-19 21:50:06Z [90DaysOfDevOps - Day 1](../20230324163613)
 * 2024-01-10 10:10:30Z [GitLab for Compliance and Best Practices](../20230324163611)
 * 2024-01-09 13:50:17Z [Selecting Six Sigma methods for project improvements](../20230324163610)
 * 2024-01-09 13:42:43Z [Six Sigma Overview](../20230324163609)

diff --git a/dex/nodes.tsv b/dex/nodes.tsv
@@ -86,3 +86,4 @@
 20230324163610	2024-01-09 13:50:17Z	Selecting Six Sigma methods for project improvements
 20230324163611	2024-01-10 10:10:30Z	GitLab for Compliance and Best Practices
 20230324163613	2024-01-19 21:50:06Z	90DaysOfDevOps - Day 1
+20230324163614	2024-01-20 22:00:27Z	90DaysOfDevOps day 2 - DevSecOps
diff --git a/keg b/keg
@@ -1,4 +1,4 @@
-updated: 2024-01-19 21:50:06Z
+updated: 2024-01-20 22:00:27Z
 kegv:    2023-01
 
 title:   A Sample Keg