“A framework for balancing security and speed in CI/CD pipelines. A Shift-Left DevSecOps Approach.”
This repository contains a secure CI/CD pipeline setup for the OWASP Juice Shop application, focusing on DevSecOps principles. The pipeline ensures security at every phase of the software development lifecycle (SDLC).
- Secure CI/CD Pipeline: Implements best security practices in the CI/CD process.
- Security Analysis: Integrates security testing tools to identify vulnerabilities.
- Azure DevOps Integration: Uses Azure Pipelines for automated builds, testing, and deployment.
- Documentation: Step-by-step guides for setting up and securing the pipeline.
Refer to the docs/ directory for detailed phase-wise documentation:
- Phase 1: Setup – Initial setup and configurations.
- Phase 2: Security – Security testing and analysis.
- Phase 3: Framework – Design and architecture.
- Phase 4: Implementation – CI/CD pipeline implementation.
- Phase 5: Evaluation – Performance and security assessments.
- Phase 6: Conclusion – Final remarks and future work.
- Phase 7: References – Citations and resources.
The project is organized into the following folders:
📦 secure-juice-shop-ci-cd
┣ 📂 .github/workflows # GitHub Actions (if needed in future)
┣ 📂 azure-pipelines # Azure DevOps pipeline YAML files
┣ 📂 docs # Documentation files
┃ ┣ 📜 Phase1-Setup.md # Detailed setup for Phase 1
┃ ┣ 📜 Phase2-Security.md # Security analysis findings
┃ ┣ 📜 Phase3-Framework.md # Design of secure CI/CD pipeline
┃ ┣ 📜 Phase4-Implementation.md # Implementation details
┃ ┣ 📜 Phase5-Evaluation.md # Performance evaluation results
┣ 📂 juice-shop # Cloned OWASP Juice Shop project
┣ 📜 README.md # Main project overview
┣ 📜 azure-pipelines.yml # Azure DevOps pipeline config
┗ 📜 LICENSE # (If needed)
- Clone this repository:
  git clone https://github.com/yourusername/secure-juice-shop-ci-cd.git
- Navigate to the project directory:
  cd secure-juice-shop-ci-cd
- Follow the documentation in docs/Phase1-Setup.md for the complete setup guide.
Contributions are welcome! Feel free to submit a pull request or open an issue for discussions.
For queries or support, reach out via my email.