
Securing the Speed: Balancing Security and Deployment Velocity in DevOps

Mestry, Ravina (2023) Securing the Speed: Balancing Security and Deployment Velocity in DevOps. Masters thesis, Dublin, National College of Ireland.

Files: PDF (Master of Science), 601kB; PDF (Configuration manual), 1MB

Abstract

The DevOps approach to software development emphasizes Continuous Integration and Continuous Delivery (CI-CD) to achieve faster release cycles and improved quality. Security, however, is often neglected in the pursuit of deployment velocity, leaving software applications vulnerable to cyberattacks. To address this, organizations add multiple security tools to their DevOps pipelines, which raises the question of how many security tools should be used and what trade-offs exist between security and deployment velocity.

The research methodology employs an empirical approach, combining quantitative and qualitative analyses. A sample CI-CD pipeline is constructed that integrates the security tools SonarQube, Super-Linter, OWASP (Open Web Application Security Project) ZAP and Snyk, alongside AWS EC2, GitHub Actions, Terraform and Docker for scalable infrastructure. The evaluation centres on key performance metrics and indicators, namely Mean Time to Build (MTTB), Mean Time to Change (MTTC) and the number of vulnerabilities identified, to measure the impact of the security measures. The results show a slight increase in MTTB and MTTC, attributable to the added security checks, while the number of vulnerabilities identified demonstrates the effectiveness of the integrated tools in improving application security. The findings help organizations deliver secure, high-quality software products, strengthening their competitive edge in the rapidly evolving software industry.
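A GitHub Actions workflow of the shape the abstract describes, written here as an added example rather than taken from the thesis or its configuration manual: the four security tools named above run as gates ahead of the Docker build, OWASP ZAP scans the running container, and only the main branch proceeds to a Terraform deployment on AWS. Action versions, the secret names (SONAR_TOKEN, SONAR_HOST_URL, SNYK_TOKEN, AWS_DEPLOY_ROLE_ARN), the application port 8080, a Dockerfile at the repository root, an `infra` directory with a Terraform module that declares an `image_tag` variable, and the AWS region are all assumptions.

```yaml
# Added example: a GitHub Actions workflow with the security gates the
# abstract names. Action versions, secret names, port 8080, the Dockerfile
# and the Terraform directory are assumptions, not the thesis's own setup.
name: ci-with-security-gates

on:
  push:
    branches: [main]
  pull_request:

permissions:
  contents: read
  id-token: write        # lets the deploy job obtain AWS credentials via OIDC instead of stored keys

jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0   # Super-Linter diffs against the default branch, so it needs history
      - uses: super-linter/super-linter@v6
        env:
          DEFAULT_BRANCH: main
          VALIDATE_ALL_CODEBASE: false   # lint only changed files on PRs to keep MTTB down
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

  sast:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0   # shallow clones degrade SonarQube's new-code detection
      - uses: SonarSource/sonarqube-scan-action@v2
        env:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
      - uses: SonarSource/sonarqube-quality-gate-action@master   # fail the job if the quality gate fails
        timeout-minutes: 5
        env:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

  sca:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: snyk/actions/node@master
        env:
          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
        with:
          args: --severity-threshold=high   # block only on high/critical so low findings do not stall delivery

  build-and-dast:
    needs: [lint, sast, sca]   # the three static gates run in parallel; the build waits for all of them
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Build the image and start it for scanning
        run: |
          docker build -t app:${{ github.sha }} .
          docker run -d --rm -p 8080:8080 --name app app:${{ github.sha }}
          # wait until the app answers before pointing ZAP at it (port 8080 is an assumption)
          for i in $(seq 1 30); do curl -sf http://localhost:8080/ && break; sleep 2; done
      - uses: zaproxy/action-baseline@v0.12.0
        with:
          target: http://localhost:8080
          fail_action: true          # any baseline alert fails the job instead of only annotating it
          allow_issue_writing: false # the workflow token has no issues:write permission
      - run: docker stop app
        if: always()

  deploy:
    needs: build-and-dast
    if: github.ref == 'refs/heads/main'   # pull requests stop at the gates; only main reaches EC2
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ secrets.AWS_DEPLOY_ROLE_ARN }}   # IAM role ARN stored as a secret (assumption)
          aws-region: eu-west-1                                 # region is an assumption
      - uses: hashicorp/setup-terraform@v3
      - run: terraform -chdir=infra init -input=false
      - run: terraform -chdir=infra apply -input=false -auto-approve -var "image_tag=${{ github.sha }}"
```

The three static gates run as independent jobs, so the MTTB overhead they add is bounded by the slowest gate rather than the sum of all three; the Snyk severity threshold, the incremental Super-Linter mode and the ZAP `fail_action` flag are the knobs where the security-versus-velocity trade-off the abstract measures is actually tuned, and tightening any of them raises the vulnerability yield at the cost of more blocked runs.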

Item Type: Thesis (Masters)
Supervisors: Sahni, Vikas (email unspecified)
Uncontrolled Keywords: DevOps; CI-CD pipeline; security; velocity
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Cloud computing
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Divisions: School of Computing > Master of Science in Cloud Computing
Depositing User: Tamara Malone
Date Deposited: 09 Oct 2024 18:06
Last Modified: 09 Oct 2024 18:06
URI: https://norma.ncirl.ie/id/eprint/7091
