In this walk through, we will be going through the Introduction to DevSecOps room from Tryhackme. This room is rated as medium on the platform and In this room, we will learn about the story of DevSecOps, Software Development Models & Shifting Left. So, let’s get started without any delay.
Table of Contents
Task 1 – Introduction
Task 2 – DevOps: A New Hope
Question 1 – What methodology relies on self-organising teams that focus on constructive collaboration?
Agile
Question 2 – What methodology relies on automation and integration to drive cultural change and unite teams?
DevOps
Question 3 – What traditional approach to project management led to mistrust and poor communication between development teams?
Waterfall
Question 4 – What does DevOps emphasize?
Building trust
Task 3 – The Infinite Loop
Question 1 – What helps in adding tests in an automated manner and deals with the frequent merging of small code changes?
CI/CD
Question 2 – What process focuses on collecting data to analyse the performance and stability of services?
Monitoring
Question 3 – What is a way to provision infrastructure through reusable and consistent pieces of code?
IAC
Task 4 – Shifting Left
Question 1 – What term is it used to describe accounting for security from the earliest stages in a development lifecycle?
Shift Left
Question 2 – What is the development approach where security is introduced from the early stages of a development lifecycle until the final stages?
DevSecOps
Task 5 – DevSecOps: Security Strikes Back
Question 1 – What DevSecOps challenge can lead to a siloed culture?
Security Silos
Question 2 – What DevSecOps challenge can affect not prioritizing the right risks at the right times?
Lack of visibility
Question 3 – What DevSecOps challenge stems from needlessly overcomplicated security processes?
Stringent Processes
Task 6 – DevSecOps Culture
Question 1 – How can you make security scalable so it’s not left behind when start ups face hypergrowth or in large corporations?
Promote autonomy of teams
Question 2 – How can you support teams in understanding risk and educating on security flaws?
Visibility and Transparency
Question 3 – What are key factors to successfully instill security in the development process by accounting for flexibility?
Understanding and empathy
Task 7 – Exercise: Fuel Trouble
Question 1 – What Software Development Model did the team in Comic 1 follow?
Waterfall
Question 2 – What Software Development Model did the team in Comic 2 follow?
Agile
Question 3 – What Software Development Model did the team in Comic 3 follow?
DevOps
Question 4 – What is the flag?
THM{ONE_TWO_THREE}
Also Read: Tryhackme – Geolocating Images
So that was “Introduction to DevSecOps” for you. In this room, we learned about DevOps and SLDC. Then we looked into Shifting left, DevSecOps and the culture associated with it and Hence completed the room. On that note, i would take your leave and will meet you in next one. Till then, “Happy hacking”.