Arrow_Dropdownic_001_google+_16ic_002_xing_16Group 2ic_003_facebook_16ic_004_linkedIn_16Groupic_005_message_16ic_006_upload_16ic_007_remove_16ic_008_email_16ic_009_attachment_16ic_010_file_16ic_011_name_16ic_012_arrow_left_16ic_013_arrow_right_16ic_014_arrow_down_16ic_015_arrow_up_16ic_016_dropdown_arrow_down_16ic_016_dropdown_arrow_leftic_016_dropdown_arrow_rightic_017_K&C_dropdown_arrow_up_16ic_018_language_16ic_019_Quote_16ic_020_+_16ic_021_=_16ic_022_phone_16ic_023_twitter_16ic_024_position_16ic_025_company_16ic_026_search_16ic_027_mobile_16ic_028_fax_16ic_029_location_16ic_030_enlarge_16ic_031_downscale_16ic_032_contactic_download_normal_16pxic_033_skype_16ic_006_download_16 copySearchGroup 26Rss_font_awesomeK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxic_agile_128ic_business_128ic_agile_white_128ic_banknote_smile_128ic_business_128ic_business_128ic_checkmark_128ic_client_team_manager_128ic_code_file_128ic_code_files_128ic_corporate_cloud_platforms_128ic_crossplatform_apps_128ic_dedicated_team_128ic_developer_128ic_development_team_128ic_enterprise_128ic_faster_timeframe_128ic_fixed_price_128ic_graph_down_128ic_graph_down_128ic_hourly_128ic_hourly_white_128ic_information_finder_128ic_junior_developer_128ic_managed_team_128ic_message_128ic_mobile_app_startups_128ic_mobile_development_128ic_mobile_development_up_128ic_mobile_devices_128ic_multiplatform_128ic_multiplatform_white_128ic_pricetag_128ic_project_checklist_128ic_project_management_128ic_project_management_team_128ic_research_and_development_team_128ic_scalable_team_128ic_senior_developer_128ic_smaller_codebase_128ic_smaller_price_128ic_startup_128ic_team_manager_128ic_three_times_faster_128Consul_VerticalLogo_FullColorPacker_VerticalLogo_FullColorTerraform_VerticalLogo_FullColorVault_VerticalLogo_FullColorethereum_black_64ic_Interest_based_64ic_acrivate_card_64ic_api_client_64ic_application_architecture_64ic_application_architecture_ white_64ic_application_development_user_64ic_application_development_user_64ic_arrow_down_64ic_automated_backups_64ic_automated_infrastructure_provisioning_64ic_automated_infrastructure_provisioning_white_64ic_automated_storage_64ic_automated_storage_64ic_automation_64ic_microservice_architecture_64ic_avaliability_across_the_world_64ic_avaliability_across_the_world_white_64ic_blockchain_64ic_blockchain_white_64ic_brackets_64ic_brackets_64ic_build_64ic_build_64ic_build_64ic_business_64ic_business_partnership_64ic_business_partnership_white_64ic_business_64ic_calculator_64ic_calendar_64ic_calendar_64ic_car_rent_64ic_card_renewal_64ic_chat_64ic_chat_bubbles_64ic_chat_bubbles_64ic_chat_white_64ic_checklist_64ic_checkmark_64ic_blockchain_64ic_smart_development_64ic_blockchain_consulting_64ic_checkmark_white_64ic_clock_64ic_clock_white_64ic_cloud_media_64ic_cloud_solutionsic_cloud_solutions_whiteic_cluster_64ic_cluster_white_64ic_code_base_optimization_64ic_coding_64ic_coding_white_64ic_commenting_widget_64ic_commenting_widget_64ic_containers_64ic_containers_white_64ic_continious_64ic_continious_delivery_64ic_continious_delivery_white_64ic_continious_release_64ic_continious_release_white_64ic_continious_white_64ic_cost_saving_64ic_cost_saving_white_64ic_cpu_load_64ic_credit_card_64ic_crossplatform_app_development_64ic_crossplatform_app_development_white_64ic_custom_crm_64ic_custom_crm_64ic_independence_consulring_64ic_database_calls_64ic_database_calls_white_64ic_dedicated_teams_64ic_dedicated_teams_64ic_desktop_application_user_64ic_desktop_application_user_64ic_desktop_code_64ic_desktop_code_white_64ic_developer_64ic_developer_white_64ic_development_64ic_devops_64ic_devops_64ic_documents_64ic_documents_graph_64ic_documents_graph_white_64ic_documents_white_64ic_download_presentation_64ic_education_64ic_email_open_64ic_email_open_white_64ic_environment_healthcheckethereum_white_64ic_euro_64ic_euro_white_64ic_failure_solved_64ic_gdpr_64ic_globe_outlines_64ic_good_quality_64ic_high_load_websites_64ic_high_load_websites_white_64ic_hotel_booking_64ic_inability_64ic_inability_white_64ic_increase_64ic_increase_white_64ic_increasing_team_64ic_independence_64ic_integration_64ic_it_outsourcing_64ic_it_outsourcing_64ic_knowledge_sharing_64ic_mobile_devices_64ic_laptop_user_64ic_laptop_user_white_64ic_launch_64ic_launch_white_64ic_learning_64ic_learning_two_white_64ic_lighthouse_64ic_link_64ic_load_balancer_64ic_load_balancer_64ic_load_card_64ic_lock_64ic_lock_white_64ic_low_cost_64ic_low_load_websites_64ic_maintenance_tools_64ic_maintenance_tools_white_64ic_media_player_64ic_media_player_white_64ic_messaging_platforms_64ic_microservice_architecture_64ic_microservices_64ic_microservices_64ic_mobile_app_64ic_mobile_app_64ic_mobile_content_64ic_mobile_development_64ic_mobile_development_white_64ic_mobile_devices_64ic_mobile_devices_white_64ic_mobile_payments_64ic_mobile_social_media_applications_64ic_mobile_workflows_64ic_money_transfers_64ic_multimedia_sharing_64ic_multimedia_sharing_white_64ic_my_garage_64ic_no_access_64ic_no_access_white_64ic_no_oldschool_64ic_online_marketplaces_64ic_online_marketplaces_white_64ic_online_trading_64ic_online_trading_64ic_pair_device_64ic_parallels_64ic_parallels_white_64ic_passcode_64ic_payment_systems_64ic_performance_64ic_performance_issues_64ic_performance_issues_white_64ic_performance_white_64ic_plane_64ic_plane_white_64ic_plus_64ic_plus_64ic_pricetags_64ic_pricetags_64ic_product_64ic_product_search_64ic_product_white_64ic_productivity_tools_64ic_productivity_tools_64ic_project_delivery_64ic_project_delivery_white_64ic_project_management_64ic_project_management_collaboration_64ic_project_management_team_64ic_project_management_team_white_64ic_project_risks_reduced_64ic_quality_mark_64ic_quality_mark_64ic_quality_mark_white_64ic_question_64ic_react_native_64ic_response_time_64ic_response_time_white_64ic_rest_api_64ic_retail_64ic_transparency_consulting_64ic_scale_up_64ic_scale_up_white_64ic_security_64ic_security_64ic_self_healing_64ic_self_healing_64 copyic_send_money_64ic_server_64ic_server_white_64ic_shopping_64ic_shopping_white_64ic_sleep_mode_64ic_small_is_beautiful_64ic_smaller_price_64ic_social_benefits_64ic_social_connections_64ic_socket_64Group 20ic_spare_parts_for_cars_64ic_spare_parts_for_cars_white_64ic_speedometer_64ic_performance_consulting_64ic_speedometer_white_64ic_startup_64ic_startup_white _64ic_target_64ic_team_64ic_testing_64ic_testing_checklist_64ic_testing_checklist_white_64ic_testing_white_64ic_three_times_faster_64ic_touch_64ic_touch_id_64ic_touch_white_64ic_transparency_64ic_ui_design_desktop_64ic_ui_design_mobile_64ic_ui_design_mobile_white_64ic_umbrella_64ic_umbrella_64ic_umbrella_white_64ic_up_and_down_scaling_64ic_up_and_down_scaling_64ic_users_64ic_users_white_64ic_ux_design_64ic_ux_design_desktop_64ic_ux_design_64ic_ux_design_white_64ic_vehicle_64ic_web_based_search_64ic_web_based_search_white_64ic_web_browser_code_64ic_web_browser_developer_mode_64ic_web_browser_user_64ic_web_development_64ic_web_development_white_64ic_web_portals_64ic_web_portals_64ic_web_user_64ic_web_user_white64ic_workflow_64ic_workflow_steps_64ic_workflow_steps_white_64ic_workflow_white_64ic_working_environment_64solidity_blackGroup 19

DevOps Becomes DevSecOps to Secure Your Application

Just a normal morning. Jim, the CTO of a promising start-up, is reading the news. When suddenly one headline draws his attention: A successful security attack on a competitor who’s now struggling to continue his business. At first, Jim grinned with delight but then started to think - what if they attack us? “Of course, we have our IT security officer Bill. But Bill takes most care about the infrastructure. Occasionally, he does penetration tests. But we have weekly deployments,” Jim continued thinking. “So those checks turn out to be overdue too often.”


In many organizations, security departments play second fiddle during the development process. Most companies integrate the agile principles, DevOps, and QA, seeing security too often just as a sticking point to rapidly tap into a market. However, the costs in case of a successful attack can be disastrous. The contrary is true. If security is properly handled from the very beginning of application design, additional costs are marginal.

 

This story will show you how to efficiently implement a process, which ensures the correct implementation of security standards with little additional costs and at any time. 

 

Let’s see how DevOps becomes DevSecOps.

Security Starts from the Top

The first step is to change the mindset, especially at top management, just as Jim did. Typically, for major IT managers, the most significant thing is to deliver top-notch features to beat the competitors and ensure the running of the application. And all these under challenging conditions where the budget is limited, and a timetable is jam-packed. 

More

“How can I ensure security and still meet my goals?” continued Jim contemplating. “What I need is a process. It should just make sure anytime that the application and infrastructure are secure. There shouldn’t be any chance to bypass it, so a quick fix can only spoil it. And it should be so good documented, that the security guy Bill or any other auditors, or customers, or …. are convinced regarding our security activities,” he continued dreaming.


Then Jim remembered that they had similar issues with code quality a couple of years ago. Bugs in production caused many problems, leading to customer dissatisfaction. They solved it by integrating QA in the development process. Automated tests at commit or build time plus a well-documented process for manual testing before delivery.


Why not doing the same to ensure a high-security level?


“This I cannot decide alone, the whole team shall contribute,” he thought. So he invited them for a meeting: Bill, the security officer, Joanne from business, and Igor from development.

Understand Your Enemies

“Let’s start from the beginning,” said Bill. "First, we have to understand potential threats. What are the major risks and what they can cause? To begin, all stakeholders should check the importance of data and the effect of particular threats to the business. At this, threat modeling techniques can come in handy:


“If you want that I handle it, please, put it into the backlog,” said Igor the developer. 


“Is it as a feature?” asked Joanne.


“No, a threat is more like an anti-feature,” he smiled. “I propose to resort to agile software development methods with all these negative user stories that we could test again and check if we really avoided them on our end.”

Plan

A good roadmap is a necessary basis to create a secure infrastructure. As the team was now focussed on the development process, infrastructural aspects like firewalls - despite their importance - were not covered in their discussion.

 

Bill knew how to handle it. He suggested to develop an architecture for the range of DAST (Dynamic Application Security Testing) technologies. They implied the detection of security vulnerability in an app in its operating state and were useful not only for finding problems in the source code, but those that happened during use as well.

Development Guidelines

When the plan was somehow elaborated, the time has come for Jim and his team to mention some things that are always good to have on the checklist. Encrypting passwords (at this, passwords should be stored unencrypted in the database, so they cannot be stolen), using SSL connections for communication, and other approaches. All these are well known but too often undeservingly forgotten. Of course, this takes additional development effort, but with the right frameworks and templates, it can be handled. 


“We need to make our application more resistant against attacks. Maybe, they can come through the door into the house, but we don’t have to let them go anywhere! Our web applications must check if requests are valid and authenticated. Other checks are about data malformation (for example, a remote procedure call, Session Initiation Protocol [SIP], and so on),” uttered Jim and hotly filled up the last space on the whiteboard.

And What About the Old Stuff?

Everything was clear and unanimous approval was in the air until Igor brought up the topic about the integration of some legacy application. 


“No one knows the code,” the team started arguing. “No one knows potential threats!”


Yet, in the end, Joanne came up with an elegant solution. 


“Why not moving this application in a special zone with very limited and restricted access from the other applications?

 

“By doing these, risks are minimized,” the male experts had to agree. 


“It is called Runtime Application Self-Protection (RASP),” said Joanne proudly. “This is a security technology that blocks security attacks. Compared to firewalls, which are able only to find threats with the help of network information, RASP is more efficient and can better the security of software through the monitoring of its inputs and blocking of those that could commit attacks.”

Develop Secure Code

Now, they started to talk about the code and looked at Igor the developer. He got blushed.


“Of course I am writing secure code!” Igor said. “But I cannot prove it,” he had to admit.


Igor was getting a little bit unsure. Actually, how does he know it? Of course, he checks passwords strength, and uses encrypted connections to the backend, but, hey, these hackers are really genius nowadays. And what’s about the juniors in his team?


After a while, Igor suggested a simple solution. 


“Let’s delegate this job to the computer and do the checks right away. Companies and organizations provide tools that check the code for Static-Code-Analysis-Testing (SAST) while coding.”


And that’s a really good point. As by integrating the static code analysis during development and commit time into the IDE (Integrated Development Environment), you give the developer immediate feedback about the security level of their application. This will dramatically improve their learning curve considering secure coding. Common threats like SQL injections or Cross-Site Scripting were checked.

Build

“What about external software,” Jim asked. “We use a lot of them to speed up development and reduce costs. Unfortunately, they are often the backdoor into the company.”


In this way, it becomes obvious that static code testing needs to check them as well. 


“What about the usage of external party software like open source?” suggested Jim. “It significantly reduces development effort.”


“However, at the same time, this code appears very often to be a potential security risk,” replied Igor. “Yet, by checking this code for known vulnerabilities (for example, with OWASP Dependency-Check), you can detect such flaws and fix them, as soon they became known.”


The OWASP utility works by scanning your code and dependent open-source component libraries to see if they contain any key OWASP flaws. It works against a constantly updated database of all known vulnerabilities in open-source software.

Test

“Great job, team!” said Jim proudly. “We understood the potential risks, created an architecture which reduces it, and checked new and legacy code for known vulnerabilities. Did we forget something?”


The team didn’t forget about anything except additional security external vulnerability scanning, what was immediately reminded by Igor and put on the list. 


In addition to the white box testing in the development phase, automated security, and vulnerability scanning checks, Jim decided on running similar tests, which simulate the way hackers work. Of course, these tests will be integrated into the deployment process. So it cannot be forgotten. A report will be the proof to management. 

Run

“The last but not the least thing to remember is to maintain security on all steps of the app’s lifecycle,” told Jim enthusiastically. And a production phase is not an exception in regard to all mentioned tests. They must be proceeded and carefully monitored. Let’s remember that any incident is to be reported to the architecture specialists and the development team to improve the security level of the application.”


Jim returned pleased to his office. In the end of the day, their new approach is the promising way to deploy to production. No bypasses which might bring in any vulnerabilities were allowed no longer.



“Now, we have a tamper-proof way of our deployment process,” he thought. “In case something happens, we will understand whether we are to blame or no and how we can repair it. Plus, our GDPR officer Helen will also be very excited. Actually, what we are doing is for good reasons required by the new EU law. And I can relax because all activities are properly defined in a clear process. Hackers, now you’re welcomed to enter my house!”

SHARE WITH FRIENDS
You might find this interesting
Our cases
Bosch Classic Cars - Digital Engagement Platform for 19K Vintage Car Owners
Our cases
Liferay Portal Performance Tuning Services for a Major Online Gaming Software Supplier
Our cases
How to apply React Native while developing heavy cross-platform mobile apps
E-book
How to Secure Web Product Development — FREE eBook
E-book
Digital Transformation: the Philosopher’s Stone of Economic Growth
Our cases
Reference: Major producer of auto electronics and spare parts
Our cases
Micro-service Architecture for New AngularJS Application - Case Study
Our cases
Portal Performance Tuning For Major German Travel Agency
E-book
Top Tools for Cost-Effective Web Development — eBook
Our cases
Reformation of Deployment Cycle for Bosch Classic Cars Portal
Our cases
Fast and Lightweight Mobile Application based on PhoneGap/ Cordova
Our cases
Drivelog.de — Web Marketplace for Car Owners and Service Providers
E-book
Determining Approaches to Mobile App Development
Our cases
The Platform Providing Event Organization
Our cases
VAIX - Fault tolerant infrastructure for 24/7 high-load machine learning service
Web,DevOps,Our cases
Our case: Marketplace for gaming goods
Outsourcing,Other
Hybrid, SaaS+PaaS, IoT: Cloud Trends to Catch in 2018
Web
Angular 2.0 vs Angular 1.4. What fits you best?
Web,Outsourcing,Testing
Sicherheit für Web-Anwendungen - dank Threat Modeling
Web
How to Motivate Your Dedicated Team to Work with Legacy Projects
Web
Fintech Apps - A Lucrative Solution for Customers and Businesses Alike
Outsourcing,Other
How to Control Agile Development: Progress and Costs
Web
Three Authentication Approaches to Keep Your Clients Safe
Web
A Guidance for Keeping Your Web Development Project Within the Budget: Three Key Pillars
DevOps,Outsourcing,Other
ROCKET.CHAT as an internal messaging system and helpdesk platform
Web
Advanced Technologies for Marketing Automation
Web
Centralized Logging with Logstash, Elasticsearch & Kibana
Other
Culture eats technology for breakfast
Web
K&C insights: how to make your workflow work for you
Other
I’m Tired of Blockchain Hype, Are You?
Web
Node.js 10.0.0: Everyone’s Favorite Got Even Better
Web
Technologies that Foster Digital Transformation
DevOps
How We Use Ansіble for Configuration of Our Environments
DevOps,Outsourcing,Other
How to setup Kubernetes cluster on AWS
DevOps
DevOps with Puppet: Tips on Setting it up for Configuring Servers
Other,Marketing
How to Become a Leader in Your Market
Mobile
Reasons to believe in Ionic hybrid app
DevOps
How to start services on Linux
Web
Agile and DevOps are Key Drivers of Digital Transformation
Web,Our cases
White Label: A Customized Software Solution from a Business and Tech Perspective
Web,Outsourcing,Testing
Web App Security 101: Keep Calm and Do Threat Modeling
Web
Scaling software solutions - how it works
Other
Don’t Treat Me Like a Fool: The worst thing you can do for your business
Web,Other
Dedicated Teams for Web Development: Choice Criteria to be Checked
Web,Other
How to Make Your Web Solution Rock: 7 Areas to Check
Web,Outsourcing
Migration from Angular 1 to Angular 5
Mobile
Native or Hybrid Apps: A Quick Comparison
DevOps
Setting Up: Traefik Balancer In Rancher Cloud
Web,Outsourcing,Amazon Web Services
DEBUGGING AWS LAMBDA FUNCTIONS
Other
Europe’s Big Payments Directive PSD2
Web,Amazon Web Services
Monolith, Microservices, Serverless... Are We in the Middle of the Way?
DevOps
DevOps: Kubernetes Federation on Google Cloud Platform
DevOps,Amazon Web Services
Kubernetes at the Forefront of Secure Microservices Future
Other
The Power of the Holistic Business Analysis
Outsourcing,Other
How to Ramp up Your Team Wisely
Web
A secret formula of an agile dream team
DevOps
Use case: how to build and run Docker containers with NVIDIA GPUs
Web,Mobile,Back-end,Amazon Web Services
Why Enterprises Choose Serverless Architecture
DevOps
What to Choose: NFS or CEPH?
DevOps,Outsourcing
Rancher 2.0: A Quick Look at the New Version
Web,Outsourcing
Why It’s Better to Use Vue.js than Angular and React in 2018
Web,Outsourcing,Other
How a Company Can Benefit from White Label: K&C experience
Other
Big Data: Why Your Business Needs it ASAP
Outsourcing
SCALED AGILE FRAMEWORKS: YOUR COMPLETE GUIDE TO WHICH, WHY AND HOW
Web
SEO Tips & Tricks for Single Page Web Applications
Web
Web App Security 101: How to Defend Against a Brute Force Attack
Web
4 Time-Saving Ways to Test Your Cross Platform Mobile App
Web
JQuery vs. Angular: Ad Astra per Aspera
DevOps
Kubernetes backup with Heptio Ark
DevOps
Hashicorp in Kubernetes: The short guide for Consul & Vault
Web,Other
SSR or CSR for Progressive Web App
Other
Ember, jQuery, Angular, React, Vue: What to Choose?
Web,Outsourcing,Other
Angular vs. React vs. Vue – Let the Fight Start!
DevOps
Docker: Virtualize Your Development Environment Right
Outsourcing,Other
Fortschritt und Kosten im Griff: agile Software-Entwicklung unter kontrollierten Bedingungen
Web,Other
Progressive Web Apps and Why You May Need Them
DevOps
How to Build a Rancher & Docker Based Cloud
Web,Outsourcing,Other
Angular 5.0.0 – A Better Version of Itself
Outsourcing
The BPM in the Microservice Environment
Web
Cost efficient technologies
Outsourcing,Testing
Die Rolle des QS-Teams in Software-Projekten
Web,Outsourcing
Angular 6 Will Be A Hit
DevOps,Outsourcing
AWS DevOps: A New Way to Run Business
DevOps
Installation and setting up: Nextcloud as a local network storage on CentOS7
Web,Outsourcing,Other
JavaScript & WebSockets: How to Build Real-Time Applications
Web,Mobile,Outsourcing
Web-Anwendungen ziehen mit Mobile-Apps gleich
Outsourcing,Testing
How the QA Team Tests Your Project
Web,Outsourcing,Other
Angular 5 VS React.js – Who’s Going to Set the Tone in the Upcoming Year?
Web
All You Need to Know About Web App Security Now
Web,Outsourcing,Other
Golang vs. Node.js
Web
Microservices… when do we need them?
Web,Mobile,Outsourcing,Other
All You Wanted to Know About Chatbot Platforms
Web
Plan to Succeed: 4 Tips for Building Scalable Software
Marketing
Аudience-based Marketing
Web
Angular 4 vs React – what to choose in 2017
Web,DevOps,Outsourcing
DevOps als DevSecOps – Integrierter Schutz vor Bedrohungen ohne Termin- und Budgetüberschreitung
Web,Other
JAMSTACK IS THE NEW FACE OF STATIC SITES
Web
Cloud Deployment: Overview of Options
Other
How to Convert Your Business to an Amazon-Style Market Leader
Web
When Microservices Help Make Future-Ready Products
Testing
What Is Quality Assurance and Why You Need It Immediately
Web
Debunking imaginary shortcomings of cross-platform frameworks
Web,Mobile,Back-end,Amazon Web Services
Serverless Architecture for Modern Apps: Stacks Providers & Caveats
DevOps,Outsourcing,Amazon Web Services
Information Security with AWS DevOps
DevOps,Other
Security in Kubernetes and How Companies Can Benefit from It
Our cases
How to Save Money Using Your Own Infrastructure
Other
Swimming with Sharks
Web,Outsourcing
Node.js vs. Angular.js – Two Sides of the Same Coin
DevOps
How We Manage Our Infrastructure with Chef
Other
GDPR: Smart Practices
Web,Outsourcing
ANGULAR 6 versus REACT 16.3
Web,Outsourcing,Other
JS Frameworks: The Trendiest Frameworks You Should Know
Web,Outsourcing
Angular 7 vs React
Web,Outsourcing
Angular 6 vs. Ember 3
Web,Other
GoLang: Features, Pros and Cons
Web,Outsourcing,Testing
QA for CxOs: How to Hire and Outsource
Web
What's New in React 16.3.0 - 16.4.2: Features Overview
DevOps
DevOps As DevSecOps – Full Integration of Threat Protection Without Compromising Deadlines of Budgets