| Title | Design and Implementation of Security Test Pipeline based on DevSecOps |
| Publication Type | Conference Paper |
| Year of Publication | 2021 |
| Authors | Sun, Xiaohan, Cheng, Yunchang, Qu, Xiaojie, Li, Hang |
| Conference Name | 2021 IEEE 4th Advanced Information Management, Communicates, Electronic and Automation Control Conference (IMCEC) |
| Keywords | Conferences, devsecops, Human Behavior, human factors, Information security, maintenance engineering, Metrics, Pipelines, project management, pubcrawl, resilience, Resiliency, Scalability, security, security risk management, Security test, security vulnerability, Software |
| Abstract | In recent years, a variety of information security incidents emerge in endlessly, with different types. Security vulnerability is an important factor leading to the security risk of information system, and is the most common and urgent security risk in information system. The research goal of this paper is to seamlessly integrate the security testing process and the integration process of software construction, deployment, operation and maintenance. Through the management platform, the security testing results are uniformly managed and displayed in reports, and the project management system is introduced to develop, regress and manage the closed-loop security vulnerabilities. Before the security vulnerabilities cause irreparable damage to the information system, the security vulnerabilities are found and analyzed Full vulnerability, the formation of security vulnerability solutions to minimize the threat of security vulnerabilities to the information system. |
| DOI | 10.1109/IMCEC51613.2021.9482270 |
| Citation Key | sun_design_2021 |
Design and Implementation of Security Test Pipeline based on DevSecOps