Filters








29 Hits in 2.2 sec

Self-service Cybersecurity Monitoring as Enabler for DevSecOps

Jessica Diaz, Jorge E. Perez, Miguel A. Lopez-Pena, Gabriel A. Mena, Agustin Yague
2019 IEEE Access  
This paper focuses on self-service cybersecurity monitoring as an enabler to introduce security practices in a DevOps environment.  ...  This self-service monitoring/alerting allows breaking silos between dev, ops, and sec teams by opening access to key security metrics, which enables a sharing culture and continuous improvement.  ...  ACKNOWLEDGMENT The authors would like to thank Esperanza Rama for her support in the case study.  ... 
doi:10.1109/access.2019.2930000 fatcat:jvolxvkp4zdhjkuyhmjgbbek7i

Performance Analysis of Automation Monitoring System shifting from DevOps to DevSecOps

2020 International Journal of Emerging Trends in Engineering Research  
This paper evolves via way of means of introducing right metrics for having a Reliable Monitoring systemin every degree of development, via way of means of recording each earlier than and after states  ...  To investigate and to reviewed through the four principles of DevSecOps: ethnicity, Automation, dimension and division .As a consequence, it was found that the available research focuses heavily on securing  ...  In [3] runtime security was achieved by monitoring security metrics, identifying vulnerabilities, and using adaptive self-defense mechanisms to protect the system (eg automatic patches and firewall actions  ... 
doi:10.30534/ijeter/2020/40892020 fatcat:lqnqln2yvzhnraetgryro45z7i

Monitoring Real Time Security Attacks for IoT Systems Using DevSecOps: A Systematic Literature Review

Ahmed Bahaa, Ahmed Abdelaziz, Abdalla Sayed, Laila Elfangary, Hanan Fahmy
2021 Information  
We also evaluated various datasets used for the models, IoT attack types, independent variables used for the models, evaluation metrics for assessment of models, and monitoring infrastructure using DevSecOps  ...  use of machine learning techniques for advanced supervision and monitoring.  ...  Security teams use the continuous and fast process from Ops to Dev to instantiate IoT's self-service cyber security management systems to enforce security in a DevOps environment. Ramón et al.  ... 
doi:10.3390/info12040154 fatcat:oevgg4yzwfa3ldz26v5j5wthqy

SecDocker: Hardening the Continuous Integration Workflow [article]

David Fernández González, Francisco Javier Rodríguez Lera, Gonzalo Esteban, Camino Fernández Llamas
2021 arXiv   pre-print
Current Continuous Integration processes face significant intrinsic cybersecurity challenges.  ...  The tool, called \SD for its Docker-based approach, is publicly available in GitHub.  ...  To enable such concepts or practices, and thus aid developers in materializing them, DevOps relies on using a range of tools [5, 15] ; from source code management to monitoring and logging, as well as  ... 
arXiv:2104.07899v1 fatcat:skwplgdn5zgddjqr4wi5ls6ouy

Cyber Security amid COVID-19

Hussin J. Hejase, Hasan F. Fayyad-Kazan, Ale J. Hejase, Imad A. Moukadem
2021 Computer and Information Science  
well as best practices to counterattack the breaches to cybersecurity in organizations.  ...  In fact, Software and security company VMware Carbon Black declared during April, “that ransomware attacks it monitored jumped 148% in March from the previous month, as governments worldwide curbed  ...  Cyberattacks and Cybersecurity: IT Professionals Voice  92% of IT professionals give a vote of no trust to their organizations as for their preparation to offer public cloud services security.  ... 
doi:10.5539/cis.v14n2p10 fatcat:gehox2abkrgeldcfxtbiq7ml7q

Integration and Deployment of Cloud-Based Assistance System in Pharaon Large Scale Pilots—Experiences and Lessons Learned

Andrej Grguric, Miran Mosmondor, Darko Huljenic
2022 Electronics  
The EU project Pharaon aims to support older European adults by integrating digital services, tools, interoperable open platforms, and devices.  ...  The integration of mature solutions and existing systems is one of the preconditions for the successful realization of the different aims of the pilots.  ...  Acknowledgments: The authors would like to acknowledge the contribution of the COST Action CA16226-Indoor living space improvement: Smart Habitat for the Elderly.  ... 
doi:10.3390/electronics11091496 fatcat:qhgyjrw645dcrno6fikz75s3ee

Executive Overview [chapter]

Dan Blum
2020 Rational Cybersecurity for Business  
Security Services in the IT Service Catalog" • "Upgrade IT Operations with DevSecOps and Disciplined Agile" Control Access with Minimal Drag on the Business Every business has rules and requirements  ...  • "Monitor Identity-Related Events and Context" • "Build Up Identity, Privilege, and Data Governance Services" • "Risk-Inform Access Management Functions" Institute Resilient Detection, Response, and  ...  If you need to, add additional rows for priorities such as "Secure our customer-facing services" to the table.  ... 
doi:10.1007/978-1-4842-5952-8_1 fatcat:o2f7aofzj5aarcutbdhp3t4lty

Control Access with Minimal Drag on the Business [chapter]

Dan Blum
2020 Rational Cybersecurity for Business  
Enable IAM in microservices and container environments to support DevSecOps initiatives for IaaS or private clouds.  ...  Businesses can also monitor decentralized identity, or so-called self-sovereign identity models.  ...  Action -Define 1-3 improvement objectives for the access control and data governance. Note improvement objectives in Section 4, Table 9 , of the worksheet.  ... 
doi:10.1007/978-1-4842-5952-8_8 fatcat:okyn2ptf65c4jlk4jpvukriydu

SecDocker: Hardening the Continuous Integration Workflow

David Fernández González, Francisco Javier Rodríguez Lera, Gonzalo Esteban, Camino Fernández Llamas
2021 SN Computer Science  
AbstractCurrent Continuous Integration (CI) processes face significant intrinsic cybersecurity challenges.  ...  The tool, called SecDocker for its Docker-based approach, is publicly available in GitHub.  ...  To enable such concepts or practices, and thus aid developers in materializing them, DevOps relies on using a range of tools [5, 16] , from source code management to monitoring and logging, as well as  ... 
doi:10.1007/s42979-021-00939-4 fatcat:5r3i6abgvvh5jauvfhsco6luxi

Guidelines on Minimum Standards for Developer Verification of Software [article]

Paul E. Black, Barbara Guttman, Vadim Okun
2021 arXiv   pre-print
This document describes eleven recommendations for software verification techniques as well as providing supplemental information about the techniques and references for further information.  ...  Executive Order (EO) 14028, "Improving the Nation's Cybersecurity," 12 May 2021, directs the National Institute of Standards and Technology (NIST) to recommend minimum standards for software testing within  ...  Acknowledgments The authors particularly thank Fay Saydjari for catalyzing our discussion of scope, Virginia Laurenzano for infusing DevOps Research and Assessments (DORA) principles into  ... 
arXiv:2107.12850v1 fatcat:hb4csa5mprclld3livs57lilfa

Cybersecurity in Robotics: Challenges, Quantitative Modeling, and Practice [article]

Quanyan Zhu, Stefan Rass, Bernhard Dieber, Victor Mayoral Vilches
2021 arXiv   pre-print
This book is intended as an accessible starter for the theoretician and practitioner working in the field.  ...  We advocate quantitative methods of security management and design, covering vulnerability scoring systems tailored to robotic systems, and accounting for the highly distributed nature of robots as an  ...  We thank many of our friends and colleagues for their inputs and suggestions.  ... 
arXiv:2103.05789v4 fatcat:p3inkof6kbh3rds6jigvmq4doe

Obérisk: Cybersecurity Requirements Elicitation through Agile Remote or Face-to-Face Risk Management Brainstorming Sessions

Stéphane Paul, Douraid Naouar, Emmanuel Gureghian
2021 Information  
The approach has matured for the last three years by using it for training and a wide range of real industrial projects.  ...  Cybersecurity risk analyses are more than ever necessary, but... traveling and gathering in a room to discuss the topic has become difficult due to the COVID, whilst having a cybersecurity expert working  ...  Acknowledgments: We hereby acknowledge ANSSI and the College of Practitioners of Club EBIOS for their valuable comments on the method and material.  ... 
doi:10.3390/info12090349 doaj:dcb8f54cbc304eb3aff0b6c1c8c44618 fatcat:7njkgunbwjfghnywfnvc2c4heq

Mentor's Musings on Security Standardization Challenges and Imperatives for Artificial Intelligence of Things

N. Kishor Narang
2022 IEEE Internet of Things Magazine  
For many years, using cloud services was the go-to option for consumers and businesses, as the ease of access that the cloud offered was unrivaled.  ...  Those of us who have worked in cybersecurity for many years often start to think we have "seen it all." We have not.  ... 
doi:10.1109/miot.2022.9773094 fatcat:ds7mdlqhijfbrcff3q6vmj6oee

COVID-X D2.1 – Sandbox Design & Datalake Creation and Ingestion [article]

AUSTRALO
2021 Zenodo  
For the integration, testing and deployment process a Continuous Integration/Continuous Delivery (CI/CD) and DevSecOps approach is followed by COVID-X Sandbox.  ...  Sandbox follows the Service-Oriented Architecture approach, implemented as a combination of different components that collectively aim to enable seamless access to a set of healthcare data sources.  ...  CLEOS is an interactive knowledge base that performs all cognitive tasks within the clinical method except for physical examination, as depicted in Figure 8 .  ... 
doi:10.5281/zenodo.4775426 fatcat:5wfdrddjbfh4dfdwicjij73kwi

Edge computing for 5G networks - white paper

David Artuñedo Guillen, Bessem Sayadi, Pascal Bisson, Jean Phillippe Wary, Håkon Lonsethagen, Carles Antón, Antonio de la Oliva, Alexandros Kaloxylos, Valerio Frascolla
2020 Zenodo  
The 5G PPP Initiative and the 5GIA are happy to present a new white paper entitled "Edge Computing for 5G Networks".  ...  In this context, to achieve ideal DevSecOps it is essential to first capture domain specific concepts, such as target platform features and non-functional software requirements in models to instruct self-adapting  ...  Worth highlighting is the fact that a "generic monitoring service" is mentioned as a specific example of a VNF Common Service.  ... 
doi:10.5281/zenodo.4555780 fatcat:sg62p5agq5c75hsbr2hyb4vkqe
« Previous Showing results 1 — 15 out of 29 results