01 December 2020
30 November 2023
PIACERE solution consists of an integrated DevSecOps framework to develop, verify, release, configure, provision, and monitor infrastructure as code. It enables the automation of several deployment, configuration and management tasks that otherwise would have to be performed manually by an operator. The main characteristics of this solution are:
The Key Exploitable Results of PIACERE are distributed through a DEV - SEC - OPS perspective based on disruptive technological innovation that has Security as a centrepiece in the context of a DevSecOps Framework (KR13).
The Security engine is fed by an IaC Verification Tool (KR5), applying static analysis to both the abstract model and the related infrastructural code. It includes an IaC Security Inspector (KR6), checking the IaC code against the known cybersecurity issues, and a Component Sec Inspector (KR7), analysing also the IaC code, reports the potential vulnerabilities and proposes potential fixes. It also includes the Runtime Sec Monitoring (KR12), responsible for the verification of any security violation at runtime.
The Development capabilities rely on the end-user language DevSecOps Modelling Language (DOML / KR1) enabling the modelling of deployment and configuration of complex infrastructural software, further elaborated by the DOML Extension mechanism (DOML-E / KR4). It is accessible over an Integrated Development Environment (PIACERE IDE / KR2) allowing DevSecOps teams to exploit the novelties provided by this project. It enables an Infrastructural Code Generator (ICG / KR3) capable of generating IaC code from models written in DOML
The Operations capabilities of PIACERE are enabled by the IaC Optimized Platform (IOP / KR9) presenting the DevSecOps teams with the most appropriate deployment configurations, in pair with the IaC Execution Manager (IEM / KR10) that will automatically plan, prepare, and provision the infrastructure and plan, prepare, and install the corresponding software elements needed for the application to seamlessly run. It also includes self-learning and self-healing mechanisms (KR11) and a Canary Sandbox Environment (KR8) allow unit testing of the behaviour of IaC.
More information can be consulted at our website at www.piacere-project.eu, through our blog, or at our social media channels over LinkedIn @iacere-project-h2020, Twitter @PIACEREproject and Youtube @PIACERE project. The Open Source code will soon be available on GitHub.
Are you looking for new Cybersecurity or Privacy services?
Find the right solution for your security needs!
Verify any security violation at runtime, monitoring stack for the run-time conditions so that the self- learning and self-healing mechanisms can be fed.
Analysing also the IaC code, reports the potential vulnerabilities and proposes potential fixes, addressing the dependency information from the IaC and application code, detect included programs and libraries with known vulnerabilities by querying public vulnerability databases,
Avoid misconfigurations, insecure coding and configuration patterns through an automated solution for checking the integrity and applicability of IaC code that is to be deployed on an infrastructure.