DevSecOps in the Enterprise2020-09-24T20:11:25+00:00

Accelerating DevSecOps in the Enterprise

Join Colin Dembovsky, 10th Magnitude Cloud Solution Architect and Microsoft Azure DevOps MVP as he explores how to transform and secure an entire software supply chain using the powerful trifecta of DevSecOps, Azure DevOps, and GitHub.

Session 1:

Intro to DevSecOps

In this intro to the series, Cloud Solution Architect Colin Dembovsky does an intro into DevSecOps and why GitHub is so important to this discussion. We’ll discuss Open Source, InnerSourcing and Securing the Software Supply Chain.

Session 2:

GitHub Source Control & Azure Boards

An overview of the technologies and demo we’ll be covering in the series, plus high-level work item tracking capabilities in Azure Boards, integration with GitHub repos, creating a branch in the repo, logging a Pull Request, and configuring branching policies.

Session 3:

Security Scanning with GitHub: DependaBot & Semmle

In this session, we look at Dependency vulnerability alerting in GitHub with Dependabot. We also take a quick look at Semmle and how to integrate Semmle into your checks.

Session 4:

Azure Pipelines

In this session we look at Azure pipelines for building, testing and deploying the code from the GitHub repo. We cover the build templates in detail and show how multi-stage YAML files can be used to model and end to end release workflow.

Session 5:

GitHub Actions, SonarQube and Testing in Production with Azure Web Apps

In this session, we cover GitHub Actions and how SonarQube integrates into the Pipeline for technical debt management and quality gates. We also perform blue/green testing using Azure Web App slots, monitoring metrics with Application Insight to validate the experiment.

Session 6:

Application Insights & Wrap-up

In this session we see how to integrate Application Insights into code. Finally, Colin wraps up with a recap of the entire series.

Harness the power of DevSecOps in your business — contact us to get started with one of our GitHub or DevOps solutions below!

GitHub Quickstart

Migrate up to 3 repos & pilot code-to-cloud on the GitHub platform

GitHub Enterprise Adoption

Configure a large scale, reliable & secure environment & onboard teams

GitHub Advanced Security

Empower developers & security engineers to secure your software supply chain

DevOps Assessment

Baseline your current DevOps capabilities & plan your transformation journey

Contact Us

Additional Resources

Learn More From 10th Magnitude’s DevOps Experts

Azure Private Link is Now Available for Azure Kubernetes Service — Here’s What That Means for You

AKS was already a great service, but now it has even more to offer. Microsoft recently announced the availability of Azure Private Link for AKS, which provides an additional layer of network security for AKS clusters. Learn more about this long-awaited feature and what it means for your organization.