SlideShare a Scribd company logo

Kovair DevSecOps Capabilities Overview

Download as PPTX, PDF
Kovair, profile picture
Kovair

Kovair DevOps provides a comprehensive DevSecOps solution that enables monitoring and management of multiple CI/CD pipelines with support for various deployment environments, including cloud and on-premises architectures. It offers security-focused services to assess and mitigate threats throughout the application lifecycle, including vulnerability assessments and secure coding practices. The platform is designed for ease of use, featuring intuitive interfaces, customizable pipelines, and integration capabilities with existing tools.

Technology
Related topics:
Insights on Software Development agile-software-developmentContinuous IntegrationContinuous Testing Integration Testing
1 of 19
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission © Kovair Software, Inc. | www.kovair.com KOVAIR DEVOPS The Comprehensive DevsecOps Solution
Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission 2 Kovair DevOps – Major Value Propositions Monitor and manage multiple pipelines across multiple projects with complete visibility to Value Stream Supports edge computing with deployments over public/private/hybrid cloud, Kubernetes clusters or any on premise and VM environment Provides Low Code/No Code Drag-and-Drop configurable task-based CI/CD Pipeline Supports combination of both manual and automated activities in a pipeline wherever necessary for process adherence The platform is certified by Red Hat Enterprise Linux and OpenShift container platform. Available on both Azure and Amazon cloud marketplace. Smooth integration with ESB like Omnibus that supports 110+ integration beyond the boundary of CI/CD Application centric security services to predict, detect, mitigate and respond to threats – a separate Kovair service
Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission 3 Command line Plugin SecOps Service Layer + Custom Security plugin
Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission Design and Delivery Approach to Service in 1st Phase Secure Design and Architecture Secure Coding Continuous Build, Integration and Testing Continuous Delivery and Deployment Runtime Defense and Monitoring Stage Triggers Security Activities SAST SCA Secure code review SAST SCA Container and Image Scan Systems, Containers and Network Vulnerability Monitoring RASP Application Testing and Fuzzing Penetration Testing Systems, Containers and Network Vulnerability Scan Artifacts and Image Repository Scan Integrated SAST via IDE Plugins SAST of Source Code Repo DAST Fuzzing IAST Image Scan Sign Continuous Instantiate Infrastructure Continuous Publish to Artifact and Image Repository Stage and Test Package Build and Integrate Developer Code Continuous Pull, Clone or Commit Application or Feature Design Threat modeling Baseline and Assess Security Controls Kovair Service Offered SecDevOps Platform and Services
Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission 5 Kovair DevOps – Features Multiple release support within a project with release-based pipeline management Release calendar for tracking releases with release overtime indicator Support for multiple OS (Windows & Linux) and databases (MariaDB, MySQL, SQL Server, Oracle) Task based easy to configure pipelines with both sequential & parallel tasks Support for cloud-based installation, docker image, and downloadable installer Group based access to project, pipeline, and dashboard Intuitive and simple UI with minimum clicks with agent-based execution for scalability.
Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission Control Execution of Pipeline through Email Manage pipeline execution from e-mail Start a pipeline List active pipelines owned by user Stop a running pipeline Check status of a Current pipeline Check last run status of pipeline Check application server health
Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission Container Support • Build Docker images from a Dockerfile • Push an image to the repository • Pull an image from the repository • Run a docker image • Execute Docker Command • Deploy File • Delete File • Create Namespace • Create Job • Delete Job • Create Deployment • Execute Generic Command • Create Project • Create New Application • Create Route • Create Deployment • Create Service • Create Config Map • Create Job • Execute Generic Command
Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission Manage Infrastructure through Plugins • Initialize a working directory containing Terraform configuration files • Create an execution plan • Apply a plan • Destroy all created resources • Create a job against a job template and launch the newly created job • Relaunch an existing job against a job template and launch the newly created job • Create a chart directory along with the common files and directories • Install a new helm package • Upgrade a release to a new version • Uninstall a release • Execute Command in the Helm CLI
Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission Security Testing • Create an application if it doesn’t exist. • Create a build • Upload the WAR file into the scan • Perform pre-scan • Perform static scan • Fetch report data • Create an application if it doesn’t exist. • Create dynamic analysis • Fetch report data • Get Applications • Create and Execute Scan • Get Scan Status • Get Scan Report • Delete Scan Static Application Security Test (SAST) Dynamic Application Security Test (DAST) Dynamic Application Security Test (DAST)
Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission Kovair DevOps Platform – Reports
Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission 11 Why Kovair DevsecOps is the need of hour? Note: Contact Kovair for more details, sales@kovair.com CxO’s including CISOs / CIOs / CTOs and the Board of Directors need solutions for Cybersecurity Governance with Real-Time Dashboards! Teams need Collaboration solutions which enforce and monitor compliance to policies! And Enable Compliance to US and ISO Standards. Examples: ISO 27005 and FedRAMP. Evidence-based advice and education on the critical issues in digital transformation and cybersecurity risk oversight. Enabling Certification of digital and cybersecurity governance to shape and secure the digital future for everyone. Source: UCLA Anderson School of Management, DDN: Digital Director’s Network on Cybersecurity Governance
Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission Kovair DevSecOps - Security As A Service Application Development Lifecycle Security Application Systems and Infrastructure Hardening Application Production Hosting Security Application & Digital Risk Monitoring 360° Protection
Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission Kovair DevSecOps - Security As A Service – Use case 1  Service helps to assess what type of application data is out there and identifies attacks, breached material, credentials, intellectual property, social media, monitoring, and brand infringement by harvesting data available on the visible, dark & deep web.  Extended Detection and Response Management (XDRM) Services monitor the entire web to detect application- related risks, alert, investigate and even take down the offending content. Application & Digital Risk Monitoring Predict your organization’s application risk
Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission Kovair DevSecOps - Security As A Service - Use case 2  Services will include Internal Vulnerability assessment & Penetration testing, External Vulnerability assessment & Penetration testing.  On-Prem or Cloud Security Architecture Review and Data Flow analysis on the application production environment and provide recommendation.  Data Centric Security Posture Management assessment and remediation support. Application Development Lifecycle Security Detect your organization’s application risk in development
Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission Kovair DevSecOps - Security As A Service - Use case 3  Services will include source code review on first party and 3rd party. API Security assessments. External security assessment on application including Blackbox testing. Provide recommendation and remediation support.  Support in creating security policies, guide developers and operators to understand security requirements and best practices to deliver secure codes and serve as advisors.  Bridge resource gaps with our team of security experts by extended application security resourcing support and training. Application Production hosting Security Mitigate your organization’s application risk in production
Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission Kovair DevSecOps - Security As A Service - Use case 4  Services will include attack surface analysis & threat modelling to chalk out the mitigation strategy in short term, mid term or long-term Example of such mitigation includes hardening of application stack through different means on the hosting infra.  Hardening of web application firewall, hosting servers, traffic between distributed layers.  Identity assessment management and anti-DDOS  Any other tailor-made solution Application Systems and Infrastructure Hardening Sustain your organization’s application risk by best practices hardening
Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission Competitive Analysis Features Kovair DevOps Jenkins GitLab Circle CI Supported Platforms Windows, Linux, Docker Image Windows, MacOS Vibrant, Linux, Docker Image Linux, macOS, Windows Linux, macOS License Commercial Basic Version - Open- Source Advanced - Commercial Basic Version - Open-Source Advanced - Commercial Free for open-source projects and Free plan for CircleCI Cloud – upto 1000 build minutes/month, 1 container, and 1 concurrent job Hosting On-premise and Cloud On-premise On-premise and Cloud On-premise and Cloud Prerequisites JRE, Tomcat JRE Node.js, Git, Ruby, Go, Redis Teraform, Kubectl, Helm, HelmDiff, VeleroCLI, AWS and so many No Code/ Low Code Support Yes Yes No No Pipeline Configuration UI & YAML UI & Groovy Script YAML YAML Manage & Execute Pipeline through E-Mail Yes No No No Custom Commandline Plugin Yes No No No Triggering a pipeline from another pipeline Easily configurable Easily configurable Yes, but with YAML Yes, but with YAML Release Calender Yes No No No Support/SLA Yes No official support available or SLAs for Free Edition No official support available or SLAs for Free Edition Yes Cloud Marketplace Yes No Yes Yes Application & Digital Risk Monitoring Yes No No No Application Production hosting Security Yes No No No Application Development Lifecycle Security Yes No No No Application Systems and Infrastructure Hardening Yes No No No
Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission 18 Sample Kovair Customers BFSI Healthcare Industrial Telecom Semiconductor / Hardware Gov’t and Defense
Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission Thank you! For more information Email: info@kovair.com, sales@kovair.com Web: www.kovair.com Follow us

More Related Content

PDF
Kovair DevOps - Overview Presentation
Kovair
 
PDF
Azure 101: Shared responsibility in the Azure Cloud
Paulo Renato
 
PPTX
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Scalar Decisions
 
PDF
Better Security Testing: Using the Cloud and Continuous Delivery
TechWell
 
PDF
Owasp masvs spain 17
Luis A. Solís
 
PPTX
Kovair Product Capabilities – An Overview
Kovair
 
PDF
Adopting the DoD Software Factory Model: Insights & How Tos
Anchore
 
PDF
DevSecOps - Background, Status and Future Challenges
dsc71656
 
Kovair DevOps - Overview Presentation
Kovair
 
Azure 101: Shared responsibility in the Azure Cloud
Paulo Renato
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Scalar Decisions
 
Better Security Testing: Using the Cloud and Continuous Delivery
TechWell
 
Owasp masvs spain 17
Luis A. Solís
 
Kovair Product Capabilities – An Overview
Kovair
 
Adopting the DoD Software Factory Model: Insights & How Tos
Anchore
 
DevSecOps - Background, Status and Future Challenges
dsc71656
 

Similar to Kovair DevSecOps Capabilities Overview (20)

PDF
Sukumar Nayak-Agile-DevOps-Cloud Management
Sukumar Nayak
 
PDF
How to Secure Your Kubernetes Software Supply Chain at Scale
Anchore
 
PDF
Using Anchore and DefectDojo to Stand Up Your DevSecOps Function
Anchore
 
DOCX
Mastering Penetration Testing with Kali Linux.docx
Oscp Training
 
PPT
2011 NASA Open Source Summit - Forge.mil
NASA Open Government Initiative
 
PPTX
Application security meetup k8_s security with zero trust_29072021
lior mazor
 
PDF
Introduction to DevSecOps
Setu Parimi
 
PPTX
Securing Your Public Cloud Infrastructure
Qualys
 
PPTX
Web application vulnerability assessment
Ravikumar Paghdal
 
PPTX
#ALSummit: SCOR Velogica's Journey to SOC2/TYPE2 Via AWS
Alert Logic
 
PPTX
Build a complete security operations and compliance program using a graph dat...
Erkang Zheng
 
PPTX
Securing Container Deployments from Build to Ship to Run - August 2017 - Ranc...
Shannon Williams
 
PDF
How to Test Your Mobile Apps From Anywhere.pdf
kalichargn70th171
 
PDF
Protecting Against Web Attacks
Alert Logic
 
PDF
Devops Interview Question PDF By ScholarHat
Scholarhat
 
PDF
Security that Scales with Cloud Native Development
Panoptica
 
PPTX
Web Application Security for Continuous Delivery Pipelines
Avi Networks
 
PDF
DevOps e a transformação digital de aplicações
Ramon Durães
 
PDF
Flosum Features and Functions Salesforce DevOps - July 2024 - DevOps Day.pdf
Mauricio Alexandre Silva
 
PPTX
CSC AWS re:Invent Enterprise DevOps session
Tom Laszewski
 
Sukumar Nayak-Agile-DevOps-Cloud Management
Sukumar Nayak
 
How to Secure Your Kubernetes Software Supply Chain at Scale
Anchore
 
Using Anchore and DefectDojo to Stand Up Your DevSecOps Function
Anchore
 
Mastering Penetration Testing with Kali Linux.docx
Oscp Training
 
2011 NASA Open Source Summit - Forge.mil
NASA Open Government Initiative
 
Application security meetup k8_s security with zero trust_29072021
lior mazor
 
Introduction to DevSecOps
Setu Parimi
 
Securing Your Public Cloud Infrastructure
Qualys
 
Web application vulnerability assessment
Ravikumar Paghdal
 
#ALSummit: SCOR Velogica's Journey to SOC2/TYPE2 Via AWS
Alert Logic
 
Build a complete security operations and compliance program using a graph dat...
Erkang Zheng
 
Securing Container Deployments from Build to Ship to Run - August 2017 - Ranc...
Shannon Williams
 
How to Test Your Mobile Apps From Anywhere.pdf
kalichargn70th171
 
Protecting Against Web Attacks
Alert Logic
 
Devops Interview Question PDF By ScholarHat
Scholarhat
 
Security that Scales with Cloud Native Development
Panoptica
 
Web Application Security for Continuous Delivery Pipelines
Avi Networks
 
DevOps e a transformação digital de aplicações
Ramon Durães
 
Flosum Features and Functions Salesforce DevOps - July 2024 - DevOps Day.pdf
Mauricio Alexandre Silva
 
CSC AWS re:Invent Enterprise DevOps session
Tom Laszewski
 
Ad

More from Kovair (20)

PDF
Global Chip Company Leverages Kovair Omnibus to Support End-to-End Product De...
Kovair
 
PPTX
Kovair QuickSync Capability Overview
Kovair
 
PPTX
Kovair Omnibus Capability Overview
Kovair
 
PPTX
Data Migration from Jira Zephyr to Azure and Vice Versa
Kovair
 
PPTX
Migration of Two Million Records with Zero Downtime for a Global Financial Or...
Kovair
 
PPTX
Kovair Products Summary 2022
Kovair
 
PDF
Ace Up Strategic Decisions Using Kovair PPM - Whitepaper
Kovair
 
PDF
Introduction to Kovair QuickSync for Data Migration
Kovair
 
PDF
Kovair Project Portfolio Management - Brochure
Kovair
 
PDF
Value Stream Delivery Platform for ALM, DevOps DevSecOps and Cloud-based SaaS...
Kovair
 
PDF
Migration of Two Million Records with Zero Downtime for a Global Financial Or...
Kovair
 
PDF
Kovair Capabilities for Automotive Development with Kovair ALM – White Paper
Kovair
 
PDF
Kovair Automotive Solution’s Compliance for ISO 26262 & ASPICE - Whitepaper
Kovair
 
PDF
GitLab Integration Adapter - Datasheet
Kovair
 
PDF
Teamcenter Integration Adapter - Datasheet
Kovair
 
PDF
Veracode Integration Adapter - Datasheet
Kovair
 
PDF
Polarian Integration Adapter - Datasheet
Kovair
 
PPTX
Kovair Products Offering
Kovair
 
PDF
ServiceNow Agile Integration Adapter - Datasheet
Kovair
 
PDF
Kovair MS Dynamics 365 Sales Adapter - Datasheet
Kovair
 
Global Chip Company Leverages Kovair Omnibus to Support End-to-End Product De...
Kovair
 
Kovair QuickSync Capability Overview
Kovair
 
Kovair Omnibus Capability Overview
Kovair
 
Data Migration from Jira Zephyr to Azure and Vice Versa
Kovair
 
Migration of Two Million Records with Zero Downtime for a Global Financial Or...
Kovair
 
Kovair Products Summary 2022
Kovair
 
Ace Up Strategic Decisions Using Kovair PPM - Whitepaper
Kovair
 
Introduction to Kovair QuickSync for Data Migration
Kovair
 
Kovair Project Portfolio Management - Brochure
Kovair
 
Value Stream Delivery Platform for ALM, DevOps DevSecOps and Cloud-based SaaS...
Kovair
 
Migration of Two Million Records with Zero Downtime for a Global Financial Or...
Kovair
 
Kovair Capabilities for Automotive Development with Kovair ALM – White Paper
Kovair
 
Kovair Automotive Solution’s Compliance for ISO 26262 & ASPICE - Whitepaper
Kovair
 
GitLab Integration Adapter - Datasheet
Kovair
 
Teamcenter Integration Adapter - Datasheet
Kovair
 
Veracode Integration Adapter - Datasheet
Kovair
 
Polarian Integration Adapter - Datasheet
Kovair
 
Kovair Products Offering
Kovair
 
ServiceNow Agile Integration Adapter - Datasheet
Kovair
 
Kovair MS Dynamics 365 Sales Adapter - Datasheet
Kovair
 
Ad

Recently uploaded (20)

PDF
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
PPTX
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
PDF
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
PDF
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PDF
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
PDF
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PDF
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PDF
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
PDF
Encapsulation theory and applications.pdf
gurumoop
 
PPTX
MYSQL Presentation for SQL database connectivity
Swati270511
 
PDF
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
Encapsulation theory and applications.pdf
gurumoop
 
MYSQL Presentation for SQL database connectivity
Swati270511
 
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 

Kovair DevSecOps Capabilities Overview

  • 1. Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission © Kovair Software, Inc. | www.kovair.com KOVAIR DEVOPS The Comprehensive DevsecOps Solution
  • 2. Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission 2 Kovair DevOps – Major Value Propositions Monitor and manage multiple pipelines across multiple projects with complete visibility to Value Stream Supports edge computing with deployments over public/private/hybrid cloud, Kubernetes clusters or any on premise and VM environment Provides Low Code/No Code Drag-and-Drop configurable task-based CI/CD Pipeline Supports combination of both manual and automated activities in a pipeline wherever necessary for process adherence The platform is certified by Red Hat Enterprise Linux and OpenShift container platform. Available on both Azure and Amazon cloud marketplace. Smooth integration with ESB like Omnibus that supports 110+ integration beyond the boundary of CI/CD Application centric security services to predict, detect, mitigate and respond to threats – a separate Kovair service
  • 3. Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission 3 Command line Plugin SecOps Service Layer + Custom Security plugin
  • 4. Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission Design and Delivery Approach to Service in 1st Phase Secure Design and Architecture Secure Coding Continuous Build, Integration and Testing Continuous Delivery and Deployment Runtime Defense and Monitoring Stage Triggers Security Activities SAST SCA Secure code review SAST SCA Container and Image Scan Systems, Containers and Network Vulnerability Monitoring RASP Application Testing and Fuzzing Penetration Testing Systems, Containers and Network Vulnerability Scan Artifacts and Image Repository Scan Integrated SAST via IDE Plugins SAST of Source Code Repo DAST Fuzzing IAST Image Scan Sign Continuous Instantiate Infrastructure Continuous Publish to Artifact and Image Repository Stage and Test Package Build and Integrate Developer Code Continuous Pull, Clone or Commit Application or Feature Design Threat modeling Baseline and Assess Security Controls Kovair Service Offered SecDevOps Platform and Services
  • 5. Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission 5 Kovair DevOps – Features Multiple release support within a project with release-based pipeline management Release calendar for tracking releases with release overtime indicator Support for multiple OS (Windows & Linux) and databases (MariaDB, MySQL, SQL Server, Oracle) Task based easy to configure pipelines with both sequential & parallel tasks Support for cloud-based installation, docker image, and downloadable installer Group based access to project, pipeline, and dashboard Intuitive and simple UI with minimum clicks with agent-based execution for scalability.
  • 6. Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission Control Execution of Pipeline through Email Manage pipeline execution from e-mail Start a pipeline List active pipelines owned by user Stop a running pipeline Check status of a Current pipeline Check last run status of pipeline Check application server health
  • 7. Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission Container Support • Build Docker images from a Dockerfile • Push an image to the repository • Pull an image from the repository • Run a docker image • Execute Docker Command • Deploy File • Delete File • Create Namespace • Create Job • Delete Job • Create Deployment • Execute Generic Command • Create Project • Create New Application • Create Route • Create Deployment • Create Service • Create Config Map • Create Job • Execute Generic Command
  • 8. Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission Manage Infrastructure through Plugins • Initialize a working directory containing Terraform configuration files • Create an execution plan • Apply a plan • Destroy all created resources • Create a job against a job template and launch the newly created job • Relaunch an existing job against a job template and launch the newly created job • Create a chart directory along with the common files and directories • Install a new helm package • Upgrade a release to a new version • Uninstall a release • Execute Command in the Helm CLI
  • 9. Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission Security Testing • Create an application if it doesn’t exist. • Create a build • Upload the WAR file into the scan • Perform pre-scan • Perform static scan • Fetch report data • Create an application if it doesn’t exist. • Create dynamic analysis • Fetch report data • Get Applications • Create and Execute Scan • Get Scan Status • Get Scan Report • Delete Scan Static Application Security Test (SAST) Dynamic Application Security Test (DAST) Dynamic Application Security Test (DAST)
  • 10. Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission Kovair DevOps Platform – Reports
  • 11. Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission 11 Why Kovair DevsecOps is the need of hour? Note: Contact Kovair for more details, sales@kovair.com CxO’s including CISOs / CIOs / CTOs and the Board of Directors need solutions for Cybersecurity Governance with Real-Time Dashboards! Teams need Collaboration solutions which enforce and monitor compliance to policies! And Enable Compliance to US and ISO Standards. Examples: ISO 27005 and FedRAMP. Evidence-based advice and education on the critical issues in digital transformation and cybersecurity risk oversight. Enabling Certification of digital and cybersecurity governance to shape and secure the digital future for everyone. Source: UCLA Anderson School of Management, DDN: Digital Director’s Network on Cybersecurity Governance
  • 12. Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission Kovair DevSecOps - Security As A Service Application Development Lifecycle Security Application Systems and Infrastructure Hardening Application Production Hosting Security Application & Digital Risk Monitoring 360° Protection
  • 13. Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission Kovair DevSecOps - Security As A Service – Use case 1  Service helps to assess what type of application data is out there and identifies attacks, breached material, credentials, intellectual property, social media, monitoring, and brand infringement by harvesting data available on the visible, dark & deep web.  Extended Detection and Response Management (XDRM) Services monitor the entire web to detect application- related risks, alert, investigate and even take down the offending content. Application & Digital Risk Monitoring Predict your organization’s application risk
  • 14. Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission Kovair DevSecOps - Security As A Service - Use case 2  Services will include Internal Vulnerability assessment & Penetration testing, External Vulnerability assessment & Penetration testing.  On-Prem or Cloud Security Architecture Review and Data Flow analysis on the application production environment and provide recommendation.  Data Centric Security Posture Management assessment and remediation support. Application Development Lifecycle Security Detect your organization’s application risk in development
  • 15. Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission Kovair DevSecOps - Security As A Service - Use case 3  Services will include source code review on first party and 3rd party. API Security assessments. External security assessment on application including Blackbox testing. Provide recommendation and remediation support.  Support in creating security policies, guide developers and operators to understand security requirements and best practices to deliver secure codes and serve as advisors.  Bridge resource gaps with our team of security experts by extended application security resourcing support and training. Application Production hosting Security Mitigate your organization’s application risk in production
  • 16. Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission Kovair DevSecOps - Security As A Service - Use case 4  Services will include attack surface analysis & threat modelling to chalk out the mitigation strategy in short term, mid term or long-term Example of such mitigation includes hardening of application stack through different means on the hosting infra.  Hardening of web application firewall, hosting servers, traffic between distributed layers.  Identity assessment management and anti-DDOS  Any other tailor-made solution Application Systems and Infrastructure Hardening Sustain your organization’s application risk by best practices hardening
  • 17. Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission Competitive Analysis Features Kovair DevOps Jenkins GitLab Circle CI Supported Platforms Windows, Linux, Docker Image Windows, MacOS Vibrant, Linux, Docker Image Linux, macOS, Windows Linux, macOS License Commercial Basic Version - Open- Source Advanced - Commercial Basic Version - Open-Source Advanced - Commercial Free for open-source projects and Free plan for CircleCI Cloud – upto 1000 build minutes/month, 1 container, and 1 concurrent job Hosting On-premise and Cloud On-premise On-premise and Cloud On-premise and Cloud Prerequisites JRE, Tomcat JRE Node.js, Git, Ruby, Go, Redis Teraform, Kubectl, Helm, HelmDiff, VeleroCLI, AWS and so many No Code/ Low Code Support Yes Yes No No Pipeline Configuration UI & YAML UI & Groovy Script YAML YAML Manage & Execute Pipeline through E-Mail Yes No No No Custom Commandline Plugin Yes No No No Triggering a pipeline from another pipeline Easily configurable Easily configurable Yes, but with YAML Yes, but with YAML Release Calender Yes No No No Support/SLA Yes No official support available or SLAs for Free Edition No official support available or SLAs for Free Edition Yes Cloud Marketplace Yes No Yes Yes Application & Digital Risk Monitoring Yes No No No Application Production hosting Security Yes No No No Application Development Lifecycle Security Yes No No No Application Systems and Infrastructure Hardening Yes No No No
  • 18. Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission 18 Sample Kovair Customers BFSI Healthcare Industrial Telecom Semiconductor / Hardware Gov’t and Defense
  • 19. Kovair Proprietary information. Not for disclosure or sharing with any other third party without Kovair’s prior written permission Thank you! For more information Email: info@kovair.com, sales@kovair.com Web: www.kovair.com Follow us

Editor's Notes

  • #11: © Copyright PresentationGO.com – The free PowerPoint template library