Secure Staging & Deployment

  • Secure Baseline
    • A process whereby you use a security standard for any system, app, or service that is considered secure to create your own security benchmark.
    • Separately securing the baseline "gold" image to ensure its integrity.
  • Environments
    • Separating environments for increased security.
    • Development - App Dev
    • Test - Replicating production as much as possible.
    • Staging - Code preparation/consolidation.
    • Production - Where you do business. Very restricted access.
    • Sandboxing - A completely isolated test environment.
      • A safe execution environment for untrusted programs.
      • Allows programs and processes to be run in an isolated environment to limit access to files and the host system.
      • Example: Web Pages
  • Integrity Measurement
    • Monitoring systems against the baseline for any deviations.
      • Examples: Tripwire, Hash Checking
Copy link