Publication
ImplementaĆ§Ć£o de DevSecOps no processo CI/CD
| datacite.subject.fos | Engenharia e Tecnologia | |
| datacite.subject.sdg | 09:IndĆŗstria, InovaĆ§Ć£o e Infraestruturas | |
| dc.contributor.advisor | Silva, Bruno Miguel Fernandes da | |
| dc.contributor.author | SOARES, CRISTIANO MARTINS | |
| dc.date.accessioned | 2025-11-11T16:40:49Z | |
| dc.date.available | 2025-11-11T16:40:49Z | |
| dc.date.issued | 2025-10-24 | |
| dc.description.abstract | Esta dissertaĆ§Ć£o aborda a implementaĆ§Ć£o de prĆ”ticas DevSecOps no processo de integraĆ§Ć£o contĆnua e entrega/ implantaĆ§Ć£o contĆnua (CI/CD) na Natixis, com o objetivo de melhorar a seguranƧa e qualidade do software entregue. Ć data do inĆcio do projeto, as pipelines de CI/CD da Natixis nĆ£o integravam anĆ”lises automatizadas de qualidade e seguranƧa, aumentando a probabilidade de introduĆ§Ć£o de vulnerabilidades nos ambientes de produĆ§Ć£o. Esta dissertaĆ§Ć£o propĆ“s a implementaĆ§Ć£o de uma soluĆ§Ć£o que automatizasse a anĆ”lise de qualidade e seguranƧa ao longo do ciclo de desenvolvimento, minimizando riscos e aumentando a eficiĆŖncia operacional. AtravĆ©s de uma anĆ”lise comparativa das ferramentas de anĆ”lise de cĆ³digo, seguranƧa e testes, foi sugerida uma soluĆ§Ć£o escalĆ”vel que pode ser aplicada de forma global Ć s vĆ”rias equipas da empresa, promovendo a integraĆ§Ć£o contĆnua de boas prĆ”ticas de seguranƧa no desenvolvimento. Os resultados observados incluem a reduĆ§Ć£o de vulnerabilidades em produĆ§Ć£o, melhoria na qualidade do cĆ³digo e maior agilidade no desenvolvimento de software seguro e eficiente. | por |
| dc.description.abstract | This dissertation addresses the implementation of DevSecOps practices in the continuous integration and delivery (CI/CD) process at Natixis, with the aim of improving the security and quality of the software delivered. At the start of the project, Natixis' CI/CD pipelines didnāt integrate automated security and quality analysis, increasing the likelihood of vulnerabilities being introduced into production environments. This dissertation proposed the implementation of a solution that would automate quality and safety analysis throughout the development cycle, minimizing risks and increasing operational efficiency. Through a comparative analysis of code analysis, security and testing tools, a scalable solution was suggested that can be applied globally to the company's various teams, promoting the continuous integration of good security practices in development. The results observed included a reduction in vulnerabilities in production, an improvement in code quality and greater agility in the development of secure and efficient software. | eng |
| dc.identifier.tid | 204032970 | |
| dc.identifier.uri | http://hdl.handle.net/10400.22/30822 | |
| dc.language.iso | por | |
| dc.rights.uri | N/A | |
| dc.subject | DevSecOps | |
| dc.subject | CI/CD | |
| dc.subject | Cybersecurity | |
| dc.subject | Code Quality | |
| dc.subject | Pipeline Automation | |
| dc.subject | CiberseguranƧa | |
| dc.subject | Qualidade de cĆ³digo | |
| dc.subject | AutomaĆ§Ć£o de pipelines | |
| dc.title | ImplementaĆ§Ć£o de DevSecOps no processo CI/CD | por |
| dc.title.alternative | Implementation of DevSecOps in the CI/CD process | eng |
| dc.type | master thesis | |
| dspace.entity.type | Publication | |
| thesis.degree.name | Mestrado em Engenharia InformƔtica |