Chapter 1: Modern Software EngineeringChapter Goal: This chapter will outline the modern software engineering principles and introduce DevOps as well as requirements and responsibilities of a software engineering team to publish quality software.
No of pages 20
Sub -Topics
1. Software Design
2. Solutions on the Internet
3. Multicultural Customers
4. Changing Market
5. Security and Compliance Requirements
Chapter 2: DevOps with Security Chapter Goal: This is a practical topic and discusses DevOps pipelines as a mode of automation for software production and outlines important tasks in DevOps where automation can inject security principles to improve product quality.
No of pages: 20-25
Sub - Topics
1. DevOps in a Nutshell 2. Securing Software
3. Quality Assurance 4. Pre-commit testing
5. HTTP vs SSH Chapter 3: Writing Secure Code Chapter Goal: This chapter discusses the development phase of DevOps pipeline and outlines how to improve software quality and decrease friction in later stages by preventing known vulnerabilities and code flaws before hand. During this chapter we will explore code issues such as SQL Injection prevention, Cross-site scripting, and other similar issues.
No of pages: 45
Sub - Topics:
1. Write Less, Write Secure
2. Developer Training
3. Runtime Selection and Configuration
4. Microservices: Separation of Concerns
5. Authentication in Services
Chapter 4: Automating Everything as Code Chapter Goal: We discuss the steps necessary to make security, compliance, audit, and UX automated to decrease decoupling and friction in the departments, and introduce key factors that help improve build and hosting environments, which will be discussed in detail in later chapter.
No of pages:40-45
Sub - Topics:
1. Version Control and Audit
2. Hosted Code Storage
3. Infrastructure as Code
4. Automating Security
5. Compliance and Policies
6. Risk and Bugs Analysis
Chapter 5: Securing Build Systems for DevOps Chapter Goal: In this chapter we demonstrate the CI phase of DevOps and utilize our build systems; hosted and on-premises, to apply security and compliance checks throughout the task, we apply code analysis methods to verify quality of product and discusses different approaches to host package archives for deployment.
No of pages: 45
1. On-Premises vs Hosted CI/CD
2. Code Analysis Methods
3. Archive Caching and Hashing
4. Automated Deployments
Chapter 6: Automating Production Environments for Quality Chapter Goal: This chapter focuses on production hosting environments and their security, such as container and host platform security, network ports scanning, firewall and application gateways to prevent unauthorized access. We also explore how to extract sensitive information out of source code and configuration files using external services to improve privacy.
No of pages: 40
1. Host Platforms
About the Author: Afzaal Ahmad Zeeshan is a software engineer based in Rabwah, Pakistan, and likes .NET Core for regular day development. He has experience with cloud, mobile, and API development. Afzaal Ahmad has experience with the Azure platform and likes to build cross-platform libraries/software with .NET Core. He has been awarded MVP Award by Alibaba Cloud for cloud expertise and has been recognized as a Microsoft MVP for his work in the field of software development twice, four times as a CodeProject MVP for technical writing and mentoring, and four times as a C# Corner MVP in the same field.
