
Current Condition

Existing Applications:
- AAA - DDD - GGG
- BBB - EEE - HHH
- CCC - FFF - III

Development Process
1. Standardized development mode? Not Yet
2. Development documentation? Not Yet
3. Centralized source code? Minimum
4. Security involved in the development process? Not Yet
5. Standardized environment? (some application demos are deployed to a public host)

Operation Process
1. Protection in production? Minimum
2. Analysis and monitoring? Minimum

Reflection of Current Condition on the SDLC Process

Proposed Solution Based on Current Condition

Development Team
1. Implement a standard Software Development Life Cycle (SDLC)
2. Transform from the Software Development Life Cycle (SDLC) to a Secure Software Development Life Cycle (SSDLC) in parallel
3. Centralize all source
4. Build a secure pipeline
5. Build an independent security team

DevOps Team
This team will handle all CI/CD (automation) and help developers deploy applications to the environments, including automation testing.

Security Team
Build Red Team
• Offensive Security
• Ethical hacking
• Exploiting Vulnerabilities
• Penetration Testing
• Web Application Scanning
• Social Engineering

Build Blue Team
• Defensive Security
• Infrastructure Protection
• Incident Response
• Digital Forensics
• Threat Hunters
• Operational Security

Operation Urgent
1. Protection in production, like WAF or traffic monitoring and security protection
2. Analysis and monitoring, like SOC and SIEM
Secure Pipeline In Secure SDLC Process Level 1
Secure Pipeline In Secure SDLC Process Level 2
