Adding Security to your SLO-based Release Validation with Keptn
Automatic Release Validation, aka Quality Gates, is not a new concept, but it often covers only functional or performance metrics. Keptn’s open SLO-based evaluation allows DevSecOps to have their favorite security tool report SLOs, such as the number of detected vulnerabilities, as part of delivery automation.
This session will focus on the concept of SLO-based release validation with the CNCF project Keptn. Attendees will learn how they can bring in their own security tool and connect it to Keptn via an SLI-Provider. Examples would be open source tools such as Falco or commercial security tools of choice.
The goal is to educate DevSecOps on the opportunity to automatically detect security-related problems as part of delivery automation.
More about Andreas Grabner
Andreas Grabner has 20+ years of experience as a software developer, tester and architect and is an advocate for high-performing cloud-scale applications. He is a contributor to the open source project Keptn, a frequent speaker at conferences & meetups, and regularly publishes articles on Medium and blog.dynatrace.com. You can follow him on Twitter: @grabnerandi or find him on the salsa dancefloors of the world.