Deploying code without processes (the wrong way to do it)<\/p>\n
Stage 1 – Development Environment Stage 2 – Test Environment Stage 3 – Staging Environment Stage 4 – Production Environment Important issues in these stages<\/strong><\/p>\n <\/p>\n <\/p>\n Risk Analysis<\/strong> identifies risk<\/p>\n Risk Mitigation <\/b>reduces their likelihood and impact<\/p>\n In Software Development security must be integrated from the very start. It is not something that can be added in later. Security should be integrated with the Software Development Lifecycle (SLDC). SLDCs include:<\/p>\n Security must be integrated at all stages – Design, development, testing and deployment.<\/p>\n Some ways to mitigate software risks include:<\/p>\n Sandboxing<\/strong><\/p>\n This is a test environment where developers can run their code without it having access to production resources. Sandboxes work hand in hand with code repositories. A developer may test a copy of code from a repository in a sandbox, then once finished testing they put it back in the repository.<\/p>\n <\/p>\n <\/p>\n A baseline<\/strong> is a minimum or a starting point used for comparisons.<\/p>\n Deviations:\u00a0<\/strong>these are changes from the baseline<\/p>\n Integrity Management: <\/strong>this tracks changes made to code after deployment, noting unexpected changes<\/p>\n","protected":false},"excerpt":{"rendered":" 1. Software Staging and Release Deploying code without processes (the wrong way to do it) Surprises end users Introduces security flaws Causes operational disruptions Increases the difficulty of rolling back flawed code Stage 1 – Development Environment Allows developers to develop and modify code Stage 2 – Test Environment Facilitates human and automated testing Stage […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[11,10,3],"tags":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.spktechfit.com\/index.php?rest_route=\/wp\/v2\/posts\/336"}],"collection":[{"href":"https:\/\/www.spktechfit.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.spktechfit.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.spktechfit.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.spktechfit.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=336"}],"version-history":[{"count":4,"href":"https:\/\/www.spktechfit.com\/index.php?rest_route=\/wp\/v2\/posts\/336\/revisions"}],"predecessor-version":[{"id":510,"href":"https:\/\/www.spktechfit.com\/index.php?rest_route=\/wp\/v2\/posts\/336\/revisions\/510"}],"wp:attachment":[{"href":"https:\/\/www.spktechfit.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=336"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.spktechfit.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=336"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.spktechfit.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=336"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\n<\/strong>Allows developers to develop and modify code<\/p>\n
\n<\/strong>Facilitates human and automated testing<\/p>\n
\n<\/strong>Prepares the code for release to production in a simulated environment. Load testing occurs at this stage.<\/p>\n
\n<\/strong>Provides live services to end users<\/p>\n\n
\n2. Software Risk Assessment and Mitigation<\/h2>\n
Software Development Lifecycles (SLDC)<\/h3>\n
\n
Mitigate Software Risks<\/h3>\n
\n
\n3. Security Baselines and Integrity Measurement<\/h2>\n