DEV Community

Eng Soon Cheah
Eng Soon Cheah

Posted on • Edited on

1

Implement security for application lifecycle

Implement security validations for application development

  • DevOps practices offer an innovative approach to security:
    • Securing applications is a continuous, comprehensive process encompassing:
      • Secure infrastructure
      • Architectural design with layered security
      • Continuous security validation
      • Monitoring for attacks
  • CI/CD pipeline should include validation points:
    • IDE/pull request:
      • Using Git source control in Azure DevOps with branch policies
      • Requiring code review with each pull request
      • Linking commits to work items for auditing
    • CI:
      • Running static code analysis tests
    • Application deployment to DEV and TEST
      • Performing passive and active tests Alt text of image

Configure synthetic security transactions

  • Primary characteristics of synthetic transactions:
    • Represent the capability to check an application’s availability across a network
    • Are automated and self-contained
    • Simulate user transactions
  • Implementing synthetic user monitoring:
    • Requires authoring test clients that simulate user actions
    • Performs configurable but typical series of operations
    • Facilitates load testing by using multiple instances of the test client

Postmark Image

Speedy emails, satisfied customers

Are delayed transactional emails costing you user satisfaction? Postmark delivers your emails almost instantly, keeping your customers happy and connected.

Sign up

Top comments (0)

Sentry image

See why 4M developers consider Sentry, “not bad.”

Fixing code doesn’t have to be the worst part of your day. Learn how Sentry can help.

Learn more

👋 Kindness is contagious

Please leave a ❤️ or a friendly comment on this post if you found it helpful!

Okay