hack a target and for this, will perform a bunch of activities 1. Online Attack Surfaces 2. Breached Credentials 3. Known Vulnerable Software 4. (Easy to?) exploit security vulnerabilities 5. If nothing works • Invest skill and resources in 0days
the principles of Secure Software Development Life-cycle while building Infrastructure • Requirement Analysis • Design • Versioning • Secure Development • Testing & Verification • Deployment • Rolling Update • Rollback (if required)
infrastructure through machine readable code & configuration • It is an alternative approach compared to managing physical hardware and provisioning them with interactive setup and configuration tools
Edit code to include the required resources and configuration • Push to repository • This triggers CI/CD • CI/CD runs test cases on code (if any) • CI/CD update the live infrastructure