/cyber0

douglas-bernardini-siem-security

DevSecOps

/Dynamic Threat Analysis

/Capabilities

Server settings, port closures, protocol closures, NACLs, security group settings, and other configurations can all be automated. This not only increases security, it is also required for some forms of compliance. 

Shifting security left. Performing security tasks as early as possible in the development lifecycle. Give for developers the tools they need to verify that they are using secure coding best practices and leveraging only safe components and container images.

As DevSecOps integrates vulnerability scanning and patching into the release cycle, the ability to identify and patch common vulnerabilities and exposures (CVE) is diminished. This limits the window a threat actor has to take advantage of vulnerabilities in public-facing production systems.

Alert tool will analyze, prioritize, and notify the team of anomalies after they are prioritized and verified as real incidents. When the team is notified, they can quickly investigate the incident and respond.

Code reviewed, audited, scanned, and tested previously for security issues. These issues are addressed as soon as they are identified. Security issues become less expensive to fix when protective technology is identified and implemented early in the cycle.

Secure APIs increase authorization and routing visibility. By reducing exposed APIs, organizations can reduce surfaces of attacks. Also intense use of Identity providers, user authorization with privileges segregation with secrets vault.

/Articles

douglas-bernardini-threat-hunting

Douglas Bernardini

Cybersecurity Specialist & Cloud Computing Expert with +10 years experience in IT infrastructure.

Specialist delivering assets for development teams in Google Cloud Platform (GCP) and Amazon web services (AWS)

Hands-on cloud security enterprise architect, with experience in SIEM/SOC, IAM, cryptography, pentest, network topologies, operating systems, databases, and applications.

Experience in DevSecOps analysis to discover vulnerabilities in software, identifying CI/CD risks gaps and recommending secure-coding process (S-SDLC).

Certs

douglas-bernardini-certifications