DevSecOps - Coggle Diagram
DevSecOps
Commit
Unit test
Build
Integration test
Deploy
Post Deploy
Prod Deploy
Monitoring
RASP (Runtime Application Self-Protection)
Test-time
DAST (Dynamic Application Security Testing)
Baseline Scan
Full Scan
OWASP Zed Attack Proxy (ZAP)
Acunetix
API Scan
IAST (Interactive Application Security Testing)
Positive Technologies Application Inspector
OAST (Out-of-band Application Security Testing)
Burp Suite
Pre-build
Secret Detection
GitLab Secret Detection
Static Application Security Testing (SAST)
Linters for IaC code: Docker, Kubernetes, Terraform, CloudFormation
Kubesec
kubescape
GitLab SAST
SonarQube
PT Application Inspector
Semgrep
Software Composition Analysis (SCA)
Source SCA analyzes source code
GitLab Dependency Scanning
Trivy
Post-build
Binary SCA: Docker images, RPM packages, JAR/WAR/EAR archives
GitLab Dependency Scanning
GitLab Container Scanning
Clair
Snyk Container
Pre-commit
Pre-commit hooks