Е-Публикации
Технически университет - София

Abstract: Security in the DevOps lifecycle is essential in the software development environment. This paper presents a practical guide to securing Azure DevOps environments using built-in capabilities and integrated third-party tools. It explores the threat landscape, demonstrates real-world integration scenarios, and highlights the security role for Azure DevSecOps. By focusing on code quality, secret detection, and infrastructure security, this paper provides the teams with actionable insights to enhance security posture without compromising delivery speed or developer productivity.

References

1. Yaser Adel Mehraban and Sahil Malik, “Azure DevOps Explained: Get started with Azure DevOps and develop your DevOps practices”, Packt Publishing, 2020.
2. Michael Kaufmann, “Accelerate DevSecOps on Azure: Secure cloud-native applications using Azure DevOps and GitHub Advanced Security”, Apress, 2023.
3. Steve Buchanan and Samuel Erskine, “Azure Strategy and Implementation Guide: Architecting Microsoft Azure Solutions for DevOps, Security, Governance, and Cost Management”, Packt Publishing, 2023.
4. Dan Wahlin and Brij Bhushan Mishra, “Securing Cloud Applications: A Practical Guide to Azure Security”, Microsoft Press, 2022.
5. Fabiola Moyón Constante, Rafael Soares, Maria Pinto-Albuquerque, Daniel Méndez, Kristian Beckers, “Integration of Security Standards in DevOps Pipelines: An Industry Case Study”, IEEE, 2021
6. Ed Moyle and Diana Kelley, “Practical Cybersecurity Architecture - Second Edition: A guide to creating and implementing robust designs for cybersecurity architects”, Packt Publishing, 2023.
7. Thomas Erl, Eric Barceló Monroy, “Cloud Computing: Concepts, Technology, Security and Architecture, 2nd Edition”, O'Reilly Media, 2023
8. Sai Teja Makani, Shivadutt Jangampeta, “DevOps Security Tools: Evaluating Effectiveness in Detecting and Fixing Security Holes”, International Journal of DevOps, Vol. 1, No. 2, 2021.

Issue

Copyright IEEE