Integrated Security
(Appsec + cloud + DevSecOps)
- Product Security +
-
Integration of all security products into CI/CD pipeline
- Static analysis software
- Software Composition Analysis (SCA)
- Secret-detection
- Scanning of container images
- Integration of automation test cases
-
Review of security standards related to development process
- How developers access repositories
- Security settings of repos
- Access keys management with partners
- API & access keys management of the team