Factory using Cloud DevSecOps Services Sidecar Container Security Stack Sidecar Container Security Stack enables: correlated and centralized logs, container security, east/west traffic management, a zero-trust and container policy enforcement.The security stack in the security sidecar container will include: 1. A logging agent to push logs to a platform centralized logging service. 2. Container policy policy enforcement. This includes ensuring container hardening from DCAR containers are preserved and complies with the NIST 800-190 requirements [12]. 3. Runtime Defense, this can perform both signature-based

need… • a Container Management Platform, but to network it I need… • a Service Mesh, but to secure it I need… • an automated Certificate Authority, and for more security I need… • a Container scanning and

code (API calls from certain types of test code) 4. Ensure every CI process is in an isolated container 5. Make the version control credentials of the CI system read-only 3. Ch. 23 – Protecting the auditors traditional training of sampling with screenshot evidence doesn’t really work in cloud, container or similar environments with infrastructure-as-code and auto- scaling. Must create alternatives