Akana by Perforce now offers BlazeMeter to customers, previously a solution with Broadcom Layer7.
Security and the Twelve-Factor App - Step 12
A blog series by WhiteHat Security
November 04, 2019
The final chapter of this blog series looks at Factor 12, Admin Processes, and shares security-focused advice for this step that developers and ops engineers can follow during the SaaS build and operations stages.
Start with Security and the Twelve-Factor App - Step 1
Start with Security and the Twelve-Factor App - Step 2
Start with Security and the Twelve-Factor App - Step 3
Start with Security and the Twelve-Factor App - Step 4
Start with Security and the Twelve-Factor App - Step 5
Start with Security and the Twelve-Factor App - Step 6
Start with Security and the Twelve-Factor App - Step 7
Start with Security and the Twelve-Factor App - Step 8
Start with Security and the Twelve-Factor App - Step 9
Start with Security and the Twelve-Factor App - Step 10
Start with Security and the Twelve-Factor App - Step 11
Defining Admin Processes in the Twelve-Factor App
The final and twelfth factor focuses on admin processes and running admin/management tasks as one-off processes.
By this, 12.factor.net means that “one-off admin processes should be run in an identical environment as the regular long-running processes of the app. They run against a release, using the same codebase and config as any process run against that release. Admin code must ship with application code to avoid synchronization issues.”
Applying Security to Step 12
From a security standpoint, admin processes must be subject to the same security scrutiny as prescribed for factors I to XI. Incorporate one-off admin processes as part of product discussions and understand the security risks associated with one-off admin processes.
Industry News
June 23, 2022
Coder announced the release of a new open source project that gives developers and data scientists a consistent, secure, yet flexible way to create cloud workspaces in minutes.
June 23, 2022
GitGuardian is announcing a series of new features to address developer experience in securing the software development lifecycle.
June 22, 2022
OctoML released a major platform expansion to accelerate the development of AI-powered applications by eliminating bottlenecks in machine learning deployment.
June 22, 2022
Snow Software announced new functionality and integrations for Snow Atlas, a purpose-built platform that provides a framework to accelerate data-driven technology decision-making.
June 22, 2022
Traefik Labs launched Traefik Hub, a new cloud service that eliminates the complexity of management and automation of Kubernetes and Docker networking at scale.
June 21, 2022
The Linux Foundation, the nonprofit organization enabling mass innovation through open source, announced the new Open Programmable Infrastructure (OPI) Project.
June 21, 2022
Docker announced the acquisition of Atomist, a company founded to improve developer productivity and keep cloud native applications safe.
June 21, 2022
SmartBear released BitBar, an all-in-one web and native mobile app testing solution.
June 16, 2022
Armory announced general availability of Armory Continuous Deployment-as-a-Service.
June 16, 2022
Infragistics announced the launch of App Builder On-Prem.
June 16, 2022
LambdaTest launched Test-at-Scale (TAS), a test intelligence and observability platform, to help development teams with shift-left testing.
June 16, 2022
NetApp announced continued innovations and solutions to provide enterprises with more simplicity, more security and more flexibility for their hybrid multicloud environments. These new capabilities include improved ransomware protection, hybrid cloud storage in a single subscription, unified management in a single user interface, and close collaboration with VMware to help transition workloads to the cloud.
June 16, 2022
Code Intelligence announces $12 million (11M€) in Series A funding led by Tola Capital.
June 15, 2022
Keysight Technologies and Sauce Labs have partnered to deliver cloud-based testing of enterprise applications on mobile devices, browsers and secure desktops.
