Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Pluralsight

DevSecOps: Adding Security Testing Tools to Pipelines

via Pluralsight

Overview

Automated security testing can be daunting to start with.
This course will
teach you which tools you can easily implement into your existing CI/CD
pipelines and what results can be expected with each tool.

You want to start implementing automated security tests into your existing CI/CD pipelines. In this course, DevSecOps: Adding Security Testing Tools to Pipelines, you’ll learn to select the right tool for the right job. First, you’ll explore several tools that can detect secrets. Next, you’ll discover how to add static and dynamic application security testing tools to pipelines. Finally, you’ll learn how to perform software composition analysis. When you’re finished with this course, you’ll have the skills and knowledge of automated security testing needed to properly implement automated security testing into pipelines: from automatically detecting secrets in your source code all the way to running scans against a running application.

Syllabus

  • Course Overview 1min
  • Initializing the Setup for Automated Security Testing 20mins
  • Detecting Secrets in Code 15mins
  • Performing Dockerfile Linting using Hadolint 7mins
  • Performing Static Application Security Testing Using njsscan 6mins
  • Performing Static Application Security Testing Using SonarQube 13mins
  • Performing Software Composition Analysis Using OWASP Dependency-Check 9mins
  • Detecting Vulnerabilities in Third-party Libraries Using Software Bill of Materials and OWASP Dependency-Track 14mins
  • Detecting Vulnerabilities in Images Using Trivy 6mins
  • Performing Dynamic Application Security Testing Using OWASP ZAP 8mins
  • Performing Dynamic Application Security Testing Using Nikto 6mins
  • Performing Full Automated Security Testing in a Pipeline 9mins

Taught by

Peter Mosmans

Reviews

Start your review of DevSecOps: Adding Security Testing Tools to Pipelines

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.