Please enable JavaScript.
Coggle requires JavaScript to display documents.
DevSecOps Ecosystem Draft V1.0 - Coggle Diagram
DevSecOps Ecosystem
Draft V1.0
Operate Phase
Backup Management
VM / Container snapshot
Operations Dashboard
Grafana, ELK Dashboard
Production Deploy Phase
Container
Docker
Container Scanning tools
OpenScap , Lynis , BlackDuck
Configuration Management Tool
Ansible
VM
Compliant Base Image
NIST SP800-53
CIS Benchmark
ISO 27001
Audit with OpenScap
Monitor Phase
Log Analysis & Auditing
ELK Stack
Statsd, Graphite, Grafana
Alerting & Notification
Logging
Incident Response
Ops Game Day
Attack-driven / Defense-driven approach
Test Phase
DAST Tools
OWASP Zap
Security Test
Gauntlt
Unit / Functional testing
JUnit
Selenium
Develop Phase
IDE Security Plugins
Security Bugs Plugins for JAVA
Puma Scan for .NET
IDE
Source Code Repository
Git
GitLab
Code Review
Manual / Gerrit
Linting Tool for Ansible
Ansible-lint
Automated testing for Ansible code
ServerSpec, InSpec
Secret Keeper
HashiCorp Vault
Release/Deliver Phase
Release Packaging Tool
Artifactory
Nexus Repo Manager
Build Phase
SAST Tools
.NET - FxCop
.NET - Gendarme
.NET Puma Scan , VS
SAST Tools
Java- CheckStyle
Java - Findbugs
Java - CheckMarx,Fortify
.NET - FxCop
Build Tool
Jenkins
Plan Phase
Issue Tracking System
JIRA
Asset Inventory System
Excel
Team Collaboration System
WebEx/ Teams/Skype
Threat Modeling
Risk Assessment
Out-Of-Band
Vulnerability Assessment
Penetration Testing