ADOPSI DEVSECOPS UNTUK MENDUKUNG METODE AGILE MENGGUNAKAN TRIVY SEBAGAI SECURITY SCANNER DOCKER IMAGE DAN DOCKERFILE
Article Sidebar
π
Published:
Sep 10, 2023
Main Article Content
Abstract
Article Summary
Compliance with personal data protection laws requires electronic system operators to pay more attention to security in applications. Security testing which is usually done at the end of the SDLC makes Agile principles incompatible with advantages that prioritize acceleration, adaptability and responsiveness to change. DevSecOps implementation using Trivy will insert a security scanner process for applications that are deployed in containerized form. The continuous process of security scanning integrated in CI/CD will increase the awareness of developers in terms of application security, so that developers will more quickly fix these problems and avoid security problems at the end of the SDLC.
Keywords
Article Keywords
Downloads
Download data is not yet available.
Article Details
How to Cite
Perkasa, P. R., & Mailoa, E. (2023). ADOPSI DEVSECOPS UNTUK MENDUKUNG METODE AGILE MENGGUNAKAN TRIVY SEBAGAI SECURITY SCANNER DOCKER IMAGE DAN DOCKERFILE. Jurnal Indonesia : Manajemen Informatika Dan Komunikasi, 4(3), 856-863. https://doi.org/10.35870/jimik.v4i3.291
Section
Articles
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License (CC-BY 4.0) that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.
License: All articles are licensed under 
References
[1] Permana, A. Y., & Romadlon, P., (2019). Perancangan Sistem Informasi Penjualan Perumahan Mengunakan Metode SDLC Pada PT. Mandiri Land Proseperous Berbasis Mobile. Jurnal Teknologi Pelita Bangsa, 84(10), pp. 1511β1518. DOI: https://doi.org/10.1134/s0320972519100129
Murdiani, D., Yudhana, A., & Sunardi, S., (2020). Implementasi Agile Method dalam Pengembangan Jurnal Elektronik di Lembaga Penelitian Non Pemerintahan (NGO). Jurnal Teknologi Informasi Dan Ilmu Komputer, 7(4), pp. 709. DOI: https://doi.org/10.25126/jtiik.2020741839
Sunardi, S., & Fadli, S., (2018). IDENTIFIKASI MASALAH PENERAPAN METODE AGILE (SCRUM) PADA PENGEMBANGAN PERANGKAT LUNAK DI PERGURUAN TINGGI (Studi Kasus Universitas Nahdlatul Ulama Nusa Tenggara Barat). Jurnal Manajemen Informatika Dan Sistem Informasi, 1(2), pp. 14. DOI: https://doi.org/10.36595/misi.v1i2.37
Hemon, A., Lyonnet, B., Rowe, F., & Fitzgerald, B., (2020). From Agile to DevOps: Smart Skills and Collaborations. Information Systems Frontiers, 22(4), pp. 927β945. DOI: https://doi.org/10.1007/s10796-019-09905-1
Tohirin, T., Utami, S. F., Widianto, S. R., & Mauludyansah, W. Al., (2020). Implementasi DevOps Pada Pengembangan Aplikasi e-Skrining Covid-19. Multinetics, 6(1), pp. 15β20. DOI: https://doi.org/10.32722/multinetics.v6i1.2764
Melgar, A. S., & Osores, J. J. V., (2021). DevOps as a culture of interaction and deployment in an insurance company. Turkish Journal of Computer and Mathematics Education (TURCOMAT), 12(4), pp. 1701β1708. DOI: https://doi.org/10.17762/turcomat.v12i4.1429
Saputra, M. H. K., & Nabil, L. M., (2021). Penerapan Arsitektur Microservice Pada Sistem Tata Kelola Matakuliah Proyek Politeknik Pos Indonesia. Teknik Informatika, 13(3), pp. 22β28.
Khalyly, B. El, Belangour, A., Erraissi, A., & Banane, M., (2020). Devops and Microservices Based Internet of Things Meta-Model. International Journal of Emerging Trends in Engineering Research, 8(9), pp. 6254β6266. DOI: https://doi.org/10.30534/ijeter/2020/217892020
Putra, R. A., (2018). Analisa Implementasi Arsitektur Microservoces Berbasis Kontainer Pada Komunitas Pengembang Perangkat Lunak Sumber Terbuka ( OpenDayLight DevOps Community ). Jurnal Sistem Infomasi Teknologi Informasi Dan Komputer (Just It) Universitas Bina Nusantara Magister Manajemen Sistem Informasi Jakarta, pp. 150β162.
Ariadi, F., Iswahyudi, C., Nurnawati, E., Informatika, J., & Akprind, I., (2020). Penerapan Docker Container Sebagai Teknologi Ramah Skalabilitas Dibanding Teknik Virtualisasi Untuk Membangun Website Di Ubuntu 18.04.4 Lts. Jurnal JARKOM, 8(2), pp. 47β57.
Hanifah, F., Budiyono, A., & Widjajarto, A., (2021). Analisa Kerentanan Pada Vulnerable Docker Menggunakan Alienvault Dan Docker Bench For Security Dengan Acuan Framework CIS Control. E-Proceeding of Engineering, 8(5), pp. 8879β8885. DOI: https://openlibrarypublications.telkomuniversity.ac.id/index.php/engineering/article/view/15914
Palinggi, S., Palelleng, S., & Allolinggi, L. R., (2020). Peningkatan Rasio Kejahatan Cyber Dengan Pola Interaksi Sosio Engineering Pada Periode Akhir Era Society 4.0 Di Indonesia. Jurnal Ilmiah Dinamika Sosial, 4(1), pp. 145. DOI: https://doi.org/10.38043/jids.v4i1.2314
Elis, E., & Hamimah, S., (2022). Urgensi Undang-Undang Perlindungan Data Pribadi Dalam Menjamin Keamanan Data Pribadi Sebagai Pemenuhan Hak Atas Privasi Masyarakat Indonesia. Jurnal Rechtenβ―: Riset Hukum Dan Hak Asasi Manusia, 3(2), pp. 1β6. DOI: https://doi.org/10.52005/rechten.v3i2.34
Edy Listartha, I. M., Premana Mitha, I. M. A., Aditya Arta, M. W., & Yuda Arimika, I. K. W., (2022). Analisis Kerentanan Website SMA Negeri 2 Amlapura Menggunakan Metode OWASP (Open Web Application Security Project). Simkom, 7(1), pp. 23β27. DOI: https://doi.org/10.51717/simkom.v7i1.63
Shama, A. M., & W. Chandra, D., (2021). Implementasi Static Application Security Testing Menggunakan Jenkins Ci/Cd Berbasis Docker Container Pada Pt. Emporia Digital Raya. Jurnal Ilmiah Informatika, 9(02), pp. 95β99. DOI: https://doi.org/10.33884/jif.v9i02.3769
Ramadhan, R. S., Widjajarto, A., & Almaarif, A., (2022). Vulnerability Management Pada Vulnerable Docker Menggunakan Clair Scanner Dan Joomscan Berdasarkan Standar GSA CIO-IT Security -17-80. 4(1), pp. 85β93. DOI: https://doi.org/10.30865/json.v4i1.4789.
Murdiani, D., Yudhana, A., & Sunardi, S., (2020). Implementasi Agile Method dalam Pengembangan Jurnal Elektronik di Lembaga Penelitian Non Pemerintahan (NGO). Jurnal Teknologi Informasi Dan Ilmu Komputer, 7(4), pp. 709. DOI: https://doi.org/10.25126/jtiik.2020741839
Sunardi, S., & Fadli, S., (2018). IDENTIFIKASI MASALAH PENERAPAN METODE AGILE (SCRUM) PADA PENGEMBANGAN PERANGKAT LUNAK DI PERGURUAN TINGGI (Studi Kasus Universitas Nahdlatul Ulama Nusa Tenggara Barat). Jurnal Manajemen Informatika Dan Sistem Informasi, 1(2), pp. 14. DOI: https://doi.org/10.36595/misi.v1i2.37
Hemon, A., Lyonnet, B., Rowe, F., & Fitzgerald, B., (2020). From Agile to DevOps: Smart Skills and Collaborations. Information Systems Frontiers, 22(4), pp. 927β945. DOI: https://doi.org/10.1007/s10796-019-09905-1
Tohirin, T., Utami, S. F., Widianto, S. R., & Mauludyansah, W. Al., (2020). Implementasi DevOps Pada Pengembangan Aplikasi e-Skrining Covid-19. Multinetics, 6(1), pp. 15β20. DOI: https://doi.org/10.32722/multinetics.v6i1.2764
Melgar, A. S., & Osores, J. J. V., (2021). DevOps as a culture of interaction and deployment in an insurance company. Turkish Journal of Computer and Mathematics Education (TURCOMAT), 12(4), pp. 1701β1708. DOI: https://doi.org/10.17762/turcomat.v12i4.1429
Saputra, M. H. K., & Nabil, L. M., (2021). Penerapan Arsitektur Microservice Pada Sistem Tata Kelola Matakuliah Proyek Politeknik Pos Indonesia. Teknik Informatika, 13(3), pp. 22β28.
Khalyly, B. El, Belangour, A., Erraissi, A., & Banane, M., (2020). Devops and Microservices Based Internet of Things Meta-Model. International Journal of Emerging Trends in Engineering Research, 8(9), pp. 6254β6266. DOI: https://doi.org/10.30534/ijeter/2020/217892020
Putra, R. A., (2018). Analisa Implementasi Arsitektur Microservoces Berbasis Kontainer Pada Komunitas Pengembang Perangkat Lunak Sumber Terbuka ( OpenDayLight DevOps Community ). Jurnal Sistem Infomasi Teknologi Informasi Dan Komputer (Just It) Universitas Bina Nusantara Magister Manajemen Sistem Informasi Jakarta, pp. 150β162.
Ariadi, F., Iswahyudi, C., Nurnawati, E., Informatika, J., & Akprind, I., (2020). Penerapan Docker Container Sebagai Teknologi Ramah Skalabilitas Dibanding Teknik Virtualisasi Untuk Membangun Website Di Ubuntu 18.04.4 Lts. Jurnal JARKOM, 8(2), pp. 47β57.
Hanifah, F., Budiyono, A., & Widjajarto, A., (2021). Analisa Kerentanan Pada Vulnerable Docker Menggunakan Alienvault Dan Docker Bench For Security Dengan Acuan Framework CIS Control. E-Proceeding of Engineering, 8(5), pp. 8879β8885. DOI: https://openlibrarypublications.telkomuniversity.ac.id/index.php/engineering/article/view/15914
Palinggi, S., Palelleng, S., & Allolinggi, L. R., (2020). Peningkatan Rasio Kejahatan Cyber Dengan Pola Interaksi Sosio Engineering Pada Periode Akhir Era Society 4.0 Di Indonesia. Jurnal Ilmiah Dinamika Sosial, 4(1), pp. 145. DOI: https://doi.org/10.38043/jids.v4i1.2314
Elis, E., & Hamimah, S., (2022). Urgensi Undang-Undang Perlindungan Data Pribadi Dalam Menjamin Keamanan Data Pribadi Sebagai Pemenuhan Hak Atas Privasi Masyarakat Indonesia. Jurnal Rechtenβ―: Riset Hukum Dan Hak Asasi Manusia, 3(2), pp. 1β6. DOI: https://doi.org/10.52005/rechten.v3i2.34
Edy Listartha, I. M., Premana Mitha, I. M. A., Aditya Arta, M. W., & Yuda Arimika, I. K. W., (2022). Analisis Kerentanan Website SMA Negeri 2 Amlapura Menggunakan Metode OWASP (Open Web Application Security Project). Simkom, 7(1), pp. 23β27. DOI: https://doi.org/10.51717/simkom.v7i1.63
Shama, A. M., & W. Chandra, D., (2021). Implementasi Static Application Security Testing Menggunakan Jenkins Ci/Cd Berbasis Docker Container Pada Pt. Emporia Digital Raya. Jurnal Ilmiah Informatika, 9(02), pp. 95β99. DOI: https://doi.org/10.33884/jif.v9i02.3769
Ramadhan, R. S., Widjajarto, A., & Almaarif, A., (2022). Vulnerability Management Pada Vulnerable Docker Menggunakan Clair Scanner Dan Joomscan Berdasarkan Standar GSA CIO-IT Security -17-80. 4(1), pp. 85β93. DOI: https://doi.org/10.30865/json.v4i1.4789.