Published April 15, 2023 | Version v1
Conference paper Open

Security in DevSecOps: Applying Tools and Machine Learning to Verification and Monitoring Steps

  • 1. XLAB
  • 2. Faculty of Electronic Engineering, Politecnico di Milano


Security represents one of the crucial concerns when it comes to De- vOps methodology-empowered software development and service delivery process. Considering the adoption of Infrastructure as Code (IaC), even minor flaws could potentially cause fatal consequences, especially in sensitive domains such as healthcare and maritime applications. However, most of the existing solutions tackle either Static Application Security Testing (SAST) or run-time behavior analysis distinctly. In this paper, we propose a) IaC Scan Runner, an open-source solution developed in Python for inspecting a variety of state-of-the-art IaC languages in application design time and b) the run time anomaly detection tool called LOMOS. Both tools work in synergy and provide a valuable contribution to a DevSecOps tool set. The proposed approach is demonstrated and their results will be demonstrated on various case studies showcasing the capabilities of static analysis tool IaC Scan Runner combined with LOMOS – log analysis artificial intelligence-enabled framework.



Files (1.7 MB)

Name Size Download all
1.7 MB Preview Download

Additional details


FISHY – A coordinated framework for cyber resilient supply chain systems over complex ICT infrastructures 952644
European Commission
SUNRISE – Strategies and Technologies for United and Resilient Critical Infrastructures and Vital Services in Pandemic-Stricken Europe 101073821
European Commission
PIACERE – Programming trustworthy Infrastructure As Code in a sEcuRE framework 101000162
European Commission
MEDINA – Security framework to achieve a continuous audit-based certificationn in compliance with the EU-wide cloud security certification scheme 952633
European Commission
CYLCOMED – Cyber securitY tooLbox for COnnected MEdical Devices 101095542
European Commission
ICOS – Towards a functional continuum operating system 101070177
European Commission