~ 3 min read

Shift Left Using Cloud: Implementing baseline security into your deployment lifecycle

In this video, Avinash Jain talks about how implementing the principle of Shift Left in terms of security into your deployment lifecycle can help in finding and fixing vulnerabilities in the early stages making it more efficient to address security issues

Introduction

โ€

As the pace of software releases made by organisations has increased manifold, the chances of introducing security vulnerabilities at each stage of software development lifecycle and each subsequent release has also increased. Security vulnerabilities that get introduced at the early stages of the software development lifecycle are much more time consuming and costly to fix towards the end of the cycle. To improve this process of addressing security issues, the Shift Left approach can be followed, which implies baking in security practices starting from the early stages of the software development lifecycle.

This tech talk is presented by Avinash Jain who is a security researcher and likes to break applications and hunt for vulnerabilities. He is an active blogger at medium where he updates about his journey into ethical hacking and his learnings in the field of security.

This video is part of the tech talks presented at Cloud Village. Cloud Village is an open space dedicated for people interested in cloud security and conducts various activities like talks, workshops, CTFs, and discussions around cloud. 

โ€

What to expect from this video

โ€

Following topics have been covered in this video:

  1. What is Shift Left?
  2. Affect on the cost of security as it moves away from the source
  3. Implementing baseline security into your deployment lifecycle
  4. AWS CodePipeline
  5. AWS DevSecOps Pipeline Architecture
  6. Reporting of vulnerabilities over Slack channels
  7. Benefits
  8. Short Demo

โ€

โ€

Key Takeaways

โ€

In general, once we reach the later stages of a software development lifecycle is the time when we look at security testing and removing the vulnerabilities. This costs more time and capital. Adoption of Shift Left in security should not be treated as an afterthought.

This video introduces you to Shift Left in security which means that any vulnerability which gets introduced in the beginning of the software development lifecycle should be taken care of early in the process so that we do not end up debugging all the steps towards the end of the life cycle. Implementing the Shift left principle saves time and is less expensive to fix. It helps in realising the security issues coming in the product sooner.

โ€

***

โ€

This article is brought to you by Kloudle Academy, a free e-resource compilation, created and curated by Kloudle. Kloudle is a cloud security management platform that uses the power of automation and simplifies human requirements in cloud security. Receive alerts for Academy by subscribing here.

;