Integrating Security with DevOps on Oracle Cloud (Part 2 of 2)
Sanjay Basu This post is part 2 in our blog series about how we integrate security with a generic DevOps-based application development process. In part 1 , we defined DevOps methodology and practices, focusing on how to integrate continuous security into the larger DevOps process to support continuous application development and operation. In this post, we cover some of the fundamental infrastructure components, such as cloud firewall services, identity management services, and continuous patching without downtime. Network and Application Security Services When you develop an application, or add or remove features, it’s essential to ensure that only required TCP ports are open. Opening ports that aren’t required can lead to exploits and compromises caused by vulnerabilities in the OS or supporting applications. The following figure shows the danger of keeping TCP ports open and accessible to nontrusted networks. Diagram courtesy of https://geekflare.com/port-scan