SlideShare a Scribd company logo

5 ways to use devops in product infrastructure management final

Pradeep Bohra, profile picture
Pradeep Bohra

The document outlines five key ways to apply DevOps principles in managing product infrastructure, including designing networks with best practices, implementing layered security, and setting up a continuous delivery pipeline for infrastructure as code (IaC). It emphasizes the reuse of components in IaC processes and the importance of creating a robust feedback loop through testing frameworks. Additionally, it addresses technology constraints and operational considerations for deploying a two-tier application on AWS using various tools.

Software
1 of 16
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
5 ways to use DevOps principles in product infrastructure management Pradeep Bohra https://www.linkedin.com/in/pbohra/
Use Case & Constraints 1. Design the network using native best practices 2. Layered Security 3. Setup the CD Pipeline for IAAC 4. IAAC - Reuse Components and Re-contribute 5. Complete the feedback loop SUMMARY OF TOPICS
USE CASE CREATE INFRASTRUCTURE FOR A 2 TIER APPLICATION
TECHNOLOGY CONSTRAINTS DOMAIN AND CERTIFICATE AWS INFRA- PROVIDER AWS IAAC Terraform SCM GitHub OS CentOS 7.x ORCHESTRATION Jenkins SERVER CONFIG Ansible INFRA SIZING SIZING DOCUMENTATION
Design the network using Native Best Practices 1.
Resilency and Fault Tolerance Minimal Monitoring Scaling Backup and Restore Audits and Compliance Availability SLAs Deployment Interfaces
2. Layered Security
NETWORK ACLs (Blacklisting) Security Group (Whitelisting) SIEM RESOURCE POLICY AND IAM Controlled Access IP TABLES OS level whitelisting CIS BENCHMARKING OS Image Vulnerability OPERATIONS VA/PT, Threat Assesment, Threat Detection, Threat response, Security Patches, APPLICATION SAST, SCA, Container Image Scan, DAST, WAF OWASP, ESAPI DATA SECURITY Encryption at REST Encryption at Transit FORENSICS Framework to respond to a security incident
3. CD Pipeline for IAAC 
https://github.com/pradeepbohra/leedsdevopsmeet1.git
Copy Right Image:MemeGenerator
4. IAAC - Reuse Components and Re- contribute
TERRAFORM REGISTRY https://registry.terraform.io DO NOT REINVENT THE WHEEL
5. Completing the feedback loop
CREATE ROBUST TEST FRAMEWORK WRITE TEST CONFIG ALONG WITH CODE WRITE COMPARISION CRITERIA LEVERAGE NATIVE SERVICES FOR TEST TECHNICAL DEBT DECOMMISSIONING MAINTAIN DAR
QUESTIONS THANKS

More Related Content

PDF
Automated Infrastructure Security: Monitoring using FOSS
Sonatype
 
PDF
淺談WAF在AWS的架構_20171027
4ndersonLin
 
PDF
Présentation kaspersky threat intelligence services
ANSItunCERT
 
PPTX
Evaluating container security with ATT&CK Framework
Sandeep Jayashankar
 
PDF
DevSecOps, The Good, Bad, and Ugly
4ndersonLin
 
PPTX
Best Practices for Configuring Your OSSIM Installation
AlienVault
 
PDF
(SACON) Madhu Akula - Automated Defense Using Cloud Service Aws, Azure, Gcp
Priyanka Aash
 
PDF
Prepare to defend thyself with Blue/Green
Sonatype
 
Automated Infrastructure Security: Monitoring using FOSS
Sonatype
 
淺談WAF在AWS的架構_20171027
4ndersonLin
 
Présentation kaspersky threat intelligence services
ANSItunCERT
 
Evaluating container security with ATT&CK Framework
Sandeep Jayashankar
 
DevSecOps, The Good, Bad, and Ugly
4ndersonLin
 
Best Practices for Configuring Your OSSIM Installation
AlienVault
 
(SACON) Madhu Akula - Automated Defense Using Cloud Service Aws, Azure, Gcp
Priyanka Aash
 
Prepare to defend thyself with Blue/Green
Sonatype
 

What's hot (20)

PPTX
Cloud Security Hardening та аудит хмарної безпеки за допомогою Scout Suite
OWASP Kyiv
 
PDF
Kubernetes security
Thomas Fricke
 
PPTX
Continuous monitoring with OSSIM
Eguardian Global Services
 
PPTX
Fortify dev ops (002)
Madhavan Marimuthu
 
PDF
DevSecCon Lightning 2021- Container defaults are a hackers best friend
Eric Smalling
 
PDF
Inherent Security Design Patterns for SDN/NFV Deployments
OPNFV
 
PPTX
Security at the Speed of the Network
Hantzley Tauckoor
 
PDF
Policy as code what helm developers need to know about security
LibbySchulze
 
PDF
Alien vault _policymanagement
Marjo'isme Yoyok
 
PPTX
Advanced OSSEC Training: Integration Strategies for Open Source Security
AlienVault
 
PPTX
Mod security
Shruthi Kamath
 
PDF
Apcera: Agility and Security in Docker Delivery
Apcera
 
PDF
Practical Approaches to Container Security
Shea Stewart
 
PDF
Implementing ossec
Jeronimo Zucco
 
PPTX
Are You Ready for a Cloud Pentest?
2nd Sight Lab
 
PDF
App sec in the time of docker containers
Akash Mahajan
 
PDF
Stories from the Security Operations Center (S.O.C.)
Alert Logic
 
PDF
Make your OpenStack Cloud Self-Defending with VESPA!
mlacostma
 
PDF
Realities of Security in the Cloud - CSS ATX 2017
Alert Logic
 
DOC
Deploying cisco asa firewall features
bestip
 
Cloud Security Hardening та аудит хмарної безпеки за допомогою Scout Suite
OWASP Kyiv
 
Kubernetes security
Thomas Fricke
 
Continuous monitoring with OSSIM
Eguardian Global Services
 
Fortify dev ops (002)
Madhavan Marimuthu
 
DevSecCon Lightning 2021- Container defaults are a hackers best friend
Eric Smalling
 
Inherent Security Design Patterns for SDN/NFV Deployments
OPNFV
 
Security at the Speed of the Network
Hantzley Tauckoor
 
Policy as code what helm developers need to know about security
LibbySchulze
 
Alien vault _policymanagement
Marjo'isme Yoyok
 
Advanced OSSEC Training: Integration Strategies for Open Source Security
AlienVault
 
Mod security
Shruthi Kamath
 
Apcera: Agility and Security in Docker Delivery
Apcera
 
Practical Approaches to Container Security
Shea Stewart
 
Implementing ossec
Jeronimo Zucco
 
Are You Ready for a Cloud Pentest?
2nd Sight Lab
 
App sec in the time of docker containers
Akash Mahajan
 
Stories from the Security Operations Center (S.O.C.)
Alert Logic
 
Make your OpenStack Cloud Self-Defending with VESPA!
mlacostma
 
Realities of Security in the Cloud - CSS ATX 2017
Alert Logic
 
Deploying cisco asa firewall features
bestip
 
Ad

Similar to 5 ways to use devops in product infrastructure management final (20)

DOCX
A Comprehensive Guide with DevOps Infrastructure Management Services at HEX64...
HEX64
 
PDF
Cncf checkov and bridgecrew
LibbySchulze
 
PPTX
infrastructure management at digital ages
Bernard Paques
 
PDF
Lessons learned from writing over 300,000 lines of infrastructure code
Yevgeniy Brikman
 
PDF
Growing your Cloud Practice by Josh Lupresto VP Engineering
SaraPia5
 
PDF
The Intersection of Security & DevOps
Alert Logic
 
PDF
Proactive monitoring tools or services - Open Source
B.A.
 
PDF
DevOpsDays - DevOps: Security 干我何事?
smalltown
 
PDF
You Build It, You Secure It: Higher Velocity and Better Security with DevSecOps
DevOps.com
 
PDF
TW SEAT - DevOps: Security 干我何事?
smalltown
 
PPTX
Cloud Native Applications - DevOps, EMC and Cloud Foundry
Bob Sokol
 
PPTX
EMC World 2016 - code.01 Everything as Code - How did we get here?
{code}
 
PPTX
Using Infrastructure as an Accelerator of DevOps Maturity
Josh Atwell
 
PPTX
Quality assurance in dev ops and secops world
Dr. Anish Cheriyan (PhD)
 
PDF
The What, Why, and How of DevSecOps
Cprime
 
PPTX
Cloud computing for microprocessor tools
GowthamRider
 
PDF
The Intersection of Security & DevOps
Alert Logic
 
PDF
Best CCNP (ENCOR 350 - 701) Training at NS3EDU
Ns3Edu
 
PPTX
Quality assurance in dev ops and secops world
Dr. Anish Cheriyan (PhD)
 
PDF
NFV: Infrastructure as Code
BrockResearch
 
A Comprehensive Guide with DevOps Infrastructure Management Services at HEX64...
HEX64
 
Cncf checkov and bridgecrew
LibbySchulze
 
infrastructure management at digital ages
Bernard Paques
 
Lessons learned from writing over 300,000 lines of infrastructure code
Yevgeniy Brikman
 
Growing your Cloud Practice by Josh Lupresto VP Engineering
SaraPia5
 
The Intersection of Security & DevOps
Alert Logic
 
Proactive monitoring tools or services - Open Source
B.A.
 
DevOpsDays - DevOps: Security 干我何事?
smalltown
 
You Build It, You Secure It: Higher Velocity and Better Security with DevSecOps
DevOps.com
 
TW SEAT - DevOps: Security 干我何事?
smalltown
 
Cloud Native Applications - DevOps, EMC and Cloud Foundry
Bob Sokol
 
EMC World 2016 - code.01 Everything as Code - How did we get here?
{code}
 
Using Infrastructure as an Accelerator of DevOps Maturity
Josh Atwell
 
Quality assurance in dev ops and secops world
Dr. Anish Cheriyan (PhD)
 
The What, Why, and How of DevSecOps
Cprime
 
Cloud computing for microprocessor tools
GowthamRider
 
The Intersection of Security & DevOps
Alert Logic
 
Best CCNP (ENCOR 350 - 701) Training at NS3EDU
Ns3Edu
 
Quality assurance in dev ops and secops world
Dr. Anish Cheriyan (PhD)
 
NFV: Infrastructure as Code
BrockResearch
 
Ad

Recently uploaded (20)

PDF
SAP S4 Hana Brochure 3 (PTS SYSTEMS AND SOLUTIONS)
pts464036
 
PDF
Design an Analysis of Algorithms I-SECS-1021-03
DilanEscobar1
 
PDF
Navsoft: AI-Powered Business Solutions & Custom Software Development
Navsoft
 
PPTX
CHAPTER 2 - PM Management and IT Context
KevinPutra14
 
PDF
How to Migrate SBCGlobal Email to Yahoo Easily
raymondjones7273
 
PPTX
L1 - Introduction to python Backend.pptx
MoizAhmed480282
 
PPTX
assetexplorer- product-overview - presentation
nonameist3434
 
PDF
Understanding Forklifts - TECH EHS Solution
TECH EHS Solution
 
PDF
Why TechBuilder is the Future of Pickup and Delivery App Development (1).pdf
TechBuilder
 
PDF
Digital Strategies for Manufacturing Companies
Virendra Rai, PMP
 
PPTX
Embracing Complexity in Serverless! GOTO Serverless Bengaluru
SheenBrisals
 
PPTX
VVF-Customer-Presentation2025-Ver1.9.pptx
blackmambaettijean
 
PDF
T3DD25 TYPO3 Content Blocks - Deep Dive by André Kraus
Andre Kraus
 
PDF
Nekopoi APK 2025 free lastest update
umarali35kp
 
PPTX
Computer Software and OS of computer science of grade 11.pptx
GauravDahal9
 
PDF
Addressing The Cult of Project Management Tools-Why Disconnected Work is Hold...
OnePlan Solutions
 
PDF
Claude Code: Everyone is a 10x Developer - A Comprehensive AI-Powered CLI Tool
William Chong
 
PPTX
Agentic AI Use Case- Contract Lifecycle Management (CLM).pptx
mhxyzzp
 
PDF
PTS Company Brochure 2025 (1).pdf.......
pts464036
 
PPTX
Operating system designcfffgfgggggggvggggggggg
rmskumara09
 
SAP S4 Hana Brochure 3 (PTS SYSTEMS AND SOLUTIONS)
pts464036
 
Design an Analysis of Algorithms I-SECS-1021-03
DilanEscobar1
 
Navsoft: AI-Powered Business Solutions & Custom Software Development
Navsoft
 
CHAPTER 2 - PM Management and IT Context
KevinPutra14
 
How to Migrate SBCGlobal Email to Yahoo Easily
raymondjones7273
 
L1 - Introduction to python Backend.pptx
MoizAhmed480282
 
assetexplorer- product-overview - presentation
nonameist3434
 
Understanding Forklifts - TECH EHS Solution
TECH EHS Solution
 
Why TechBuilder is the Future of Pickup and Delivery App Development (1).pdf
TechBuilder
 
Digital Strategies for Manufacturing Companies
Virendra Rai, PMP
 
Embracing Complexity in Serverless! GOTO Serverless Bengaluru
SheenBrisals
 
VVF-Customer-Presentation2025-Ver1.9.pptx
blackmambaettijean
 
T3DD25 TYPO3 Content Blocks - Deep Dive by André Kraus
Andre Kraus
 
Nekopoi APK 2025 free lastest update
umarali35kp
 
Computer Software and OS of computer science of grade 11.pptx
GauravDahal9
 
Addressing The Cult of Project Management Tools-Why Disconnected Work is Hold...
OnePlan Solutions
 
Claude Code: Everyone is a 10x Developer - A Comprehensive AI-Powered CLI Tool
William Chong
 
Agentic AI Use Case- Contract Lifecycle Management (CLM).pptx
mhxyzzp
 
PTS Company Brochure 2025 (1).pdf.......
pts464036
 
Operating system designcfffgfgggggggvggggggggg
rmskumara09
 

5 ways to use devops in product infrastructure management final