1click DevOpsSec

• The AppSec Lab
  • Akash Mahajan
  • Sandesh Anand

The Problem

• Traditionally, responsibilities were split between Dev and Ops teams
   
• With DevOps, Devs are now in charge of Ops too
   
• Traditional security slows DevOps

The Solution? 

Codify Security

• Equip developers to take care of security
   
• Use Ansible to help standardise security
  activities across environments and applications

                        Demo

1click Secure Servers

A simple level based approach to secure servers while being provisioned. 

1. Secured test servers on the internet
    
2. With security already in place, what works on test, works on prod

Demo 

1click Security Testing

Extensible framework for CLI security tools: Pre-configured, ready to go!

1. Security testing for WebApps - Nikto
    
2. Automated SSL configuration audit - SSLlabs-scan

Twitter

@theappseclab

@makash

@jubbaonjeans

Github

https://github.com/theappseclab/oneclicksecdevops