Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Your Security Tools Are Just a Stop-Gap to Secure DevOps

LASCON via YouTube

Overview

Explore a comprehensive approach to securing DevOps pipelines in this 43-minute LASCON conference talk. Learn why a tools-first approach often falls short and discover a risk-based methodology for enhancing application security. Understand the importance of considering business risks, threat models, and required security controls before selecting tools. Gain insights into essential security components for CD pipelines, strategies for building organizational momentum, and overcoming common challenges through industry case studies. Examine a high-level maturity model for setting goals and tracking progress in fast-paced application security programs. Delve into topics such as requirements interfaces, approval processes, security reference architectures, end-to-end testing, static analysis, and security test coverage to develop a more robust and effective DevOps security strategy.

Syllabus

Intro
Take a breath
Requirements interface
Approval process
Security reference architecture
Endtoend tests
Requirements tests
Static analysis
Security test coverage
Security requirements interface
Security maturity model

Taught by

LASCON

Reviews

Start your review of Your Security Tools Are Just a Stop-Gap to Secure DevOps

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.