Measure and understand your current state to ensure you are in a position to utilize DevOps.
Engagement Proces:
- DevOps Checklist Audit (2-3 Weeks)
- Maturity Audit (1 Week)
What we will do:
1. DevOps Checklist Audit
- Monitoring:
- Audit infrastructure
- Renew certifications
- Security notifications
- Third-party vendors
- Authorizations
- DNS expiry date
- Product team access
- Business insights
- Infrastructure:
- Automate configuration
- Backup schedule
- Check SSL/TLS configuration
- Access control for cloud providers
- Encryption
- SSH configuration
- Container protection
- Logging
- Secret management
- Immutable infrastructures
- Culture:
- Change preparation
- Onboarding/Offboarding checklist
- Employee training on security
- Up to date best practices
- Understanding risk
- Silo breakdown
- Operations team inclusion
- Visibility
- Consultation
- Code:
- Cryptography standards
- Security headers
- Self-hacking
- CI/CD with integrated security scans
- Dependency management
- CI/CD tool protection
- Security testing
- SDLC management
- Automated testing
- Protection:
- Non-vital information cleanup
- 2FA enforcement
- Industry standards compliance
- Bug bounty programs
- Public security policy
- DDoS attack planning
- Breaches protection
- Infrastructure and server protection
- User protection
2. Maturity audit
We audit your DevOps maturity levels on four levels: Ad-hoc, Repeatable, Consistent, Optimized, and Leading. Following areas are audited against the mentioned levels of optimization which standard practices followed by reputable software development company in california: which standard practices followed by reputable software development company in california:
- Delivery process/SDLC
- Governance
- Automation
- Continuous integration
- Continuous delivery
- Automated operations
- Security and self-healing
- Monitoring process