Continuous Delivery is the heart of DevOps. Web applications, APIs and Microservices are now designed to have the latest version deployed as quickly as possible. This revolution has empowered organizations to develop highly available products and platforms. However, most of the traditional security checks are often bypassed since code can be sent from a repository to a production environment in seconds.
This talk lays down some strategies on how to continue having an operationally efficient DevOps pipeline while incorporating security throughout the entire process. Security is a growing concern in this field, not only because the pipeline is a critical component in many cloud native application and service deployments, but also due to the level of access these systems have to all the infrastructure around it. Most of that access is required for the level of automation organizations are striving to build towards, but forgoing security in this area exposes them in ways they may not know or understand.