Explore a 52-minute conference talk from LASCON 2014 on automating OpenStack API security testing. Learn how Rackspace tackles the challenges of traditional manual security testing by integrating automated processes into Agile development and CI/CD pipelines. Discover the open-source testing framework and security plugin developed by Rackspace, which detects common vulnerabilities like SQL injection, command injection, and improper authentication. Gain insights into the collaboration between security and quality engineers to create comprehensive test cases for OpenStack projects. Understand the benefits of integrating security testing into the SDLC, including earlier detection and remediation of security defects. Hear from speakers Nathan Buckner, Jim Freeman, and Michael Xin as they discuss challenges, lessons learned, and best practices for improving OpenStack API security testing.
Overview
Syllabus
Intro
Quality
Testing
Challenges
What is OpenStack
Architecture
Quality Engineering
Open Cafe
Open Cafe Architecture
Security Cafe Architecture
Data Generators
DataDriven Test
Authorization Test
One Suite
New Purpose
Whats Next
Taught by
LASCON
