Continuous Delivery is a software development discipline where you build software in such a way that the software can be released to production at any time.
You’re doing continuous delivery when: [1]
- Your software is deployable throughout its lifecycle
- Your team prioritizes keeping the software deployable over working on new features Anybody can get fast, automated feedback on the production readiness of their systems any time somebody makes a change to them You can perform push-button deployments of any version of the software to any environment on demand
Continuous Integration is a software development practice where members of a team integrate their work frequently, usually each person integrates at least daily - leading to multiple integrations per day. Each integration is verified by an automated build (including test) to detect integration errors as quickly as possible.
(source: https://martinfowler.com/articles/continuousIntegration.html)
Software deployment is all of the activities that make a software system available for use.
"Official" definition: https://en.wikipedia.org/wiki/DevOps
a set of practices intended to reduce the time between committing a change to a system and the change being placed into normal production, while ensuring high quality
Official site: https://www.devsecops.org
Leaning in over Always Saying “No”
Data & Security cience over Fear, Uncertainty and Doubt
Open Contribution & Collaboration over Security-Only Requirements
Consumable Security Services with APIs over Mandated Security Controls & Paperwork
Business Driven Security Scores over Rubber Stamp Security
Red & Blue Team Exploit Testing over Relying on Scans & Theoretical Vulnerabilities
24x7 Proactive Security Monitoring over Reacting after being Informed of an Incident
Shared Threat Intelligence over Keeping Info to Ourselves
Compliance Operations over Clipboards & Checklists
- We've all hear different things about this
- "Data controller"
- People's data
- Data the person owns
- Data about the person
- Why you have it
- Where the data is
- What you do with it
- How you delete it when done
- Usually referring to the code
- Patents
- Copyright
- Do you "own" all work and creations of developers, even during off hours?
- Opinion: the value of code
A change which has been written somewhere, we're "committed" to it (not funny, I know).
Can refer to different things:
- A code change commit in different tools, like git
- A database commit