From Zero to Secure Continuous Delivery in 60 Minutes
Containers, DevOps, Continous Delivery, and Microservices are common terms in today’s corporate landscapes. In this presentation, we will start from scratch and build a complete continuous delivery pipeline until the end of our sixty minutes. In the progress, we will discuss principles such as infrastructure-as-code, platform-as-code, and container orchestration and how they need to be interweaved to make the most out of the concepts and reach true continuity. One of the resulting benefits can be security work that is truely weaved into the deployment pipeline. Complementing the functional aspects, we will cover the questions how security considerations can be integrated into a certain component or feature and whether a component, concept, or feature raises security issues. Key security areas will be common platform features (such as logging, monitoring, or secret management), container isolation capabilities, and operational security governance challenges. The final demo of the complete pipeline will then be understood by the audience and covered from both a functional and a security perspective (even though some challenges will remain open).