Explore rugged development practices and security integration in this 46-minute LASCON conference talk. Learn pragmatic approaches and tools to ruggedize your end-to-end development lifecycle, from code commit to running system. Discover solutions for enhancing development processes, delivery pipelines, and operational runtime. Gain insights into DevOps culture, continuous delivery, and security testing techniques. Address common vulnerabilities like cross-site scripting, SQL injection, and cross-site request forgery. Understand the importance of input sanitization, whitelisting, and CSRF tokens. Compare testing frameworks like Gauntlet and Cucumber. Walk away with immediately applicable solutions and knowledge of rugged anti-patterns to improve your development practices.
Overview
Syllabus
Introduction
Cloud
How does it perform
Play nice with others
DevOps culture
Continuous delivery
Development and build pipeline
Security testing
Developer focus
Crosssite scripting
Input sanitization
Input whitelist
Sequel injection
Parameters queries
Crosssite request forgery
CSRF tokens
Gauntlet vs Cucumber
Quick Links
Moving Security Testing Early
Demo
Map Attack
Taught by
LASCON
Related Courses
-
PHP Web Application Security
-
Basic Web Applications Security
-
Facebook's Approach to Common Web Vulnerabilities
-
Pentesting ASP.NET - Injection and Cross-Site Scripting Attacks
-
Choose Django for Secure Web Development
-
Practical Exploitation Using A Malicious Service Set Identifier - SSID - Deral Heiland
