Accelerating DevSecOps in the Enterprise
Join Colin Dembovsky, 10th Magnitude Cloud Solution Architect and Microsoft Azure DevOps MVP as he explores how to transform and secure an entire software supply chain using the powerful trifecta of DevSecOps, Azure DevOps, and GitHub.
Session 1:
Intro to DevSecOps
In this intro to the series, Cloud Solution Architect Colin Dembovsky does an intro into DevSecOps and why GitHub is so important to this discussion. We’ll discuss Open Source, InnerSourcing and Securing the Software Supply Chain.
Session 2:
GitHub Source Control & Azure Boards
An overview of the technologies and demo we’ll be covering in the series, plus high-level work item tracking capabilities in Azure Boards, integration with GitHub repos, creating a branch in the repo, logging a Pull Request, and configuring branching policies.
Session 3:
Security Scanning with GitHub: DependaBot & Semmle
In this session, we look at Dependency vulnerability alerting in GitHub with Dependabot. We also take a quick look at Semmle and how to integrate Semmle into your checks.
Session 4:
Azure Pipelines
In this session we look at Azure pipelines for building, testing and deploying the code from the GitHub repo. We cover the build templates in detail and show how multi-stage YAML files can be used to model and end to end release workflow.
Session 5:
GitHub Actions, SonarQube and Testing in Production with Azure Web Apps
In this session, we cover GitHub Actions and how SonarQube integrates into the Pipeline for technical debt management and quality gates. We also perform blue/green testing using Azure Web App slots, monitoring metrics with Application Insight to validate the experiment.
Session 6:
Application Insights & Wrap-up
In this session we see how to integrate Application Insights into code. Finally, Colin wraps up with a recap of the entire series.
Harness the power of DevSecOps in your business — contact us to get started with one of our GitHub or DevOps solutions below!
GitHub Quickstart
Migrate up to 3 repos & pilot code-to-cloud on the GitHub platform
GitHub Enterprise Adoption
Configure a large scale, reliable & secure environment & onboard teams
GitHub Advanced Security
Empower developers & security engineers to secure your software supply chain
DevOps Assessment
Baseline your current DevOps capabilities & plan your transformation journey
Additional Resources
Learn More From 10th Magnitude’s DevOps Experts
Cognizant Microsoft Business Group & DevSecOps with GitHub
How do you arm your developers with tools and platforms that empower them to build secure software? How can you integrate your security professionals into daily workflows? Read on to learn more...
Azure Private Link is Now Available for Azure Kubernetes Service — Here’s What That Means for You
AKS was already a great service, but now it has even more to offer. Microsoft recently announced the availability of Azure Private Link for AKS, which provides an additional layer of network security for AKS clusters. Learn more about this long-awaited feature and what it means for your organization.
10th Magnitude is Now a GitHub Verified Partner!
10th Magnitude was the first consulting partner to offer a GitHub solution in the Microsoft Azure Marketplace, and now we’re very excited to announce that we are officially a GitHub Verified Partner.