Sunday 11 December 2016

Published "SecDevOps Risk Workflow" book (v0.66)

Here is the text I just sent to the current 215 readers of my SecDevOps Risk Workflow book

Hi, here is v0.66

The reason you have not seen an update for a month is because I focused my writting time on the 'Hacking Portugal' book which you can get from Amazon ( or Leanpub (

That book is an expanded version of the keynote presentation I delivered at BSidesLisbon (see and it is my first book published on Amazon :)

Back to the 'SecDevOps Risk Workflow' book, this version contains changes to:

  • "Don’t blame the developers"
  • "Can’t do Security Analysis when doing Code Review"
  • "Defensible findings"
  • "Disposable IT infrastructure"
  • "Every project starts with 100% code coverage"
  • "Everything is code"

Here is the diff with the previous version: ( 15 changed files, 207 additions, 32 deletions)

As always, please submit any issues or suggestions at


Dinis Cruz