This repo contains the material for the How to Automate Application Security - the DevSecOps way workshop.
First of all - a methodology.
DevSecOps—short for development, security, and operations—automates the integration of security at every phase of the software development lifecycle, from initial design through integration, testing, deployment, and software delivery.
DevSecOps stands for development, security, and operations. It's an approach to culture, automation, and platform design that integrates security as a shared responsibility throughout the entire IT lifecycle.
DevSecOps (short for development, security, and operations) is a development practice that integrates security initiatives at every stage of the software development lifecycle to deliver robust and secure applications.
Installation of Jenkins can be done in a lot of places. We would have 2 possibilities - install in AWS via Terraform or install locally in a docker conatiner. Installation of Jenkins in AWS will lead to adidtional charges. Free tier machines are not enough for running Jenkins