OpenShift Watch on YouTube

OpenShift Commons Briefing #54: DevSecOps: Security Injection with SecurePaaS on OpenShift

2 min read 6 months ago
Published on Jun 18, 2024 This response is partially generated with the help of AI. It may contain inaccuracies.

Table of Contents

Tutorial: Implementing Automated Security with SecurePaaS on OpenShift

Step 1: Introduction to DevOps and SecurePaaS

  • DevOps aims to streamline the software development lifecycle by incorporating automation tools.
  • SecurePaaS by ShadowSoft offers a security framework for managing authentication, authorization, and auditing controls for microservice-based systems.

Step 2: Understanding Cybersecurity Concerns in DevOps

  • DevOps practices may sometimes prioritize speed over security, leading to vulnerabilities.
  • SecurePaaS helps automate the injection of cybersecurity controls into web applications within a DevOps environment.

Step 3: Deployment on OpenShift

  • OpenShift allows for quick deployment of applications, including SecurePaaS as a Docker container.
  • SecurePaaS provides a seamless single pane of glass for monitoring applications within OpenShift.

Step 4: Setting Up SecurePaaS

  • Visit the SecurePaaS website and click on the Test Drive button to create an account for free.
  • Access the management console to control users, roles, and audit records.
  • Integrate application servers into the environment by generating an agent and deploying it to the server.

Step 5: Configuring Security Policies

  • Create security policies within SecurePaaS to control access to web services and applications.
  • Grant or deny access based on user roles or specific methods within the application.

Step 6: Monitoring and Auditing

  • Monitor real-time changes in access permissions within the SecurePaaS management console.
  • Utilize auditing features to track user activities and changes made to applications.

Step 7: Additional Security Controls

  • SecurePaaS offers features like preventing cross-site scripting and SQL injection in future updates.
  • Contact ShadowSoft for more information on SecurePaaS and related services.

Step 8: Joining the OpenShift Commons Community

  • Join the OpenShift Commons Slack channel for further discussions and updates.
  • Contact the presenter, Derek Sutherland, for any questions or follow-ups via email at d.sutherland@shadow-soft.com.

By following these steps, you can effectively implement automated security measures using SecurePaaS on OpenShift within your DevOps environment.

Table of Contents

Recent