From the course: Microsoft Azure DevOps Engineer Expert (AZ-400) Cert Prep by Microsoft Press

Unlock this course with a free trial

Join today to access over 25,600 courses taught by industry experts.

Learn about security and compliance

Learn about security and compliance - Azure Tutorial

From the course: Microsoft Azure DevOps Engineer Expert (AZ-400) Cert Prep by Microsoft Press

Start my 1-month free trial Buy for my team

Learn about security and compliance

- We can start defining our security requirements as early as in the planning phase, where we define the security features of our networks, systems, and services. One technique that can be used for this is known as thread modeling. It helps you identify potential threats to help reduce risk and meet security objectives earlier in the development lifecycle. The way that thread modeling works is you start with a data flow diagram where you document the entire system to show how it works. Then a framework will be implemented to identify gaps, threats, and vulnerabilities to mitigate risk. You then generate tasks and work items to track and address the potential threats, and at the end you review and verify to make sure that the threats have been addressed. During the continuous integration phase there are several processes and tools that we can use to make sure that our code does not have any vulnerabilities, outdated…

Contents