Secure Development - DevSecOps

Oracle secures the DevOps development process using a variety of techniques:

• Broad developer training to developers for understanding the principles of secure software development
• Early creation of Trust Models and Risk Assessments to avoid common security pitfalls in our designs. Identify and expose sensitive interfaces to targeted testing for reducing or eliminating software vulnerabilities
• Extensive use of automated security testing to identify vulnerabilities in third party software
• Check for common OWASP (Open Source Foundation for Application Security) top 10 items and perform fuzz testing on key exposed interfaces
• Evaluate deployed software configurations using industry best practices