Basic security setup for startups
POC/MVP/Demo stage

The application is deployed into subnets according to its logic. However, a build/deploy engine sitting in an external network cannot reach the orchestration or database endpoints. There are three ways to overcome this issue:

  1. Deploy the build engine with build agents inside the networks
  2. Deploy the build agent and configure management with the pull model
  3. Use the GitOps approach
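
Whichever option is chosen, the endpoints should stay unreachable from outside. The following is an added example, not code from the original article: a small audit that flags ingress rules letting a source outside the internal network reach orchestration or database ports. The rule format, CIDRs and port numbers (6443, 5432) are assumptions made for illustration.

```python
import ipaddress

# Assumed internal address space and protected endpoints (not from the article).
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/16")]
PROTECTED_PORTS = {6443: "orchestration API", 5432: "database"}

# Constructed sample rules in a simplified, hypothetical format.
RULES = [
    {"id": "r1", "direction": "ingress", "source": "10.0.1.0/24", "ports": (6443, 6443)},
    {"id": "r2", "direction": "ingress", "source": "0.0.0.0/0", "ports": (443, 443)},
    # External build server allowed straight to the database: the shortcut to avoid.
    {"id": "r3", "direction": "ingress", "source": "203.0.113.10/32", "ports": (5432, 5432)},
    # Source range wider than the internal network, port range covering 6443.
    {"id": "r4", "direction": "ingress", "source": "10.0.0.0/8", "ports": (6000, 7000)},
    # Pull model: the in-network agent only needs outbound HTTPS to the repository.
    {"id": "r5", "direction": "egress", "source": "10.0.2.0/24", "ports": (443, 443)},
]


def is_internal(cidr):
    """True only if the whole source range lies inside an internal network."""
    net = ipaddress.ip_network(cidr)
    return any(net.subnet_of(internal) for internal in INTERNAL_NETS)


def audit(rules):
    """Return (rule id, port, endpoint) for each external path to a protected port."""
    findings = []
    for rule in rules:
        if rule["direction"] != "ingress" or is_internal(rule["source"]):
            continue
        low, high = rule["ports"]
        for port, name in sorted(PROTECTED_PORTS.items()):
            if low <= port <= high:
                findings.append((rule["id"], port, name))
    return findings


if __name__ == "__main__":
    for rule_id, port, name in audit(RULES):
        print(f"{rule_id}: external source can reach {name} on port {port}")
```
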

Now that there is a codebase, it's time to conduct SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing). SAST tools like SonarQube, Snyk, and Fortify SCA, and DAST tools like Veracode, Acunetix, and Burp Suite can be used for this purpose. Some of these tools are cross-functional and can play both roles; the only difference is the stage at which they are applied.

Over several sprints, the product will be developed with a decent level of quality that can be delivered to demo users or shown to investors.

Raihan Ahmmed

Attracting business and being budget-smart | Prospertify Founder & CEO

1 year ago

Integrating SAST and DAST tools like SonarQube, Veracode, and Acunetix ensures security measures are in place.

P.S. If you don't want to wait for the rest of the article, you can read it in full on our website: https://t4itech.com/en/blog/basic-security-setup-for-startups
