Student Work

Companies are generally hyper-focused on releasing software quickly to meet strict deadlines or to stay ahead of the competition. This generally results in implementing security once software is near release. In applying DevSecOps best practices early, companies can not only catch and fix security problems early but train their teams in what to avoid in the future. For those organizations that implement DevSecOps, it is found to be implemented during the beginning stages of their software development projects. Most of which is focused on identifying and displaying the source of security misconfigurations. AutoDSO will base their security best practice requirements based off the OWASP DevSecOps model. AutoDSO takes DevSecOps a step further by focusing on establishing security baseline requirements and allowing the users to select metrics specific to their DevSecOps policies and procedures. The application generates an automated DevSecOps policy document which can be used by security analyst and given to auditors to monitor a company’s DevSecOps processes. This allows companies an efficient way to document their security best practices and ensuring that security becomes a part of continuous integration and continuous development (CI/CD) in their organization.

创建者

• Eves, Dorothy
• Phu, Vance
• Gantt, Chelsea

证书

• Attribution-NonCommercial-NoDerivs 4.0 International

提交

CECH Library Service

学

• Education, Criminal Justice, and Human Services

部门

• Information Technology

学位

• BS (Information Technology)

创建日期

• 2020-04

指导教授

• Vykhovanyuk, Bogdan

出版者

• University of Cincinnati

关系

在收集：

• 2020 CECH Information Technology Senior Design Projects

单件

缩略图	标题	上传日期	公开度	行动
	IT2020_Dorothy_Eves_Chelsea_Gantt_Vance_Phu.pdf	2020-06-30	开放存取	Press to 选择一个动作 下载
	IT2020_Dorothy_Eves_Chelsea_Gantt_Vance_Phu_Agreement.txt	2020-06-30	开放存取	Press to 选择一个动作 下载