Learn how to create a continuous, effective, and scalable DevSecOps pipeline using only free tools in this 55-minute conference talk from LASCON 2018. Discover how to implement Interactive Application Security Testing (IAST) for real-time vulnerability detection and Runtime Application Self-Protection (RASP) for production-level security. Explore techniques for integrating security vulnerability and attack telemetry into existing team tools, enabling real-time security feedback in IDEs, continuous analysis of libraries and frameworks, security integration in CI/CD processes, identification of application layer attacks, and prevention of exploitation in open source libraries. Gain practical knowledge to establish a DevSecOps pipeline immediately, adaptable to various tools and processes, including legacy applications and waterfall-style projects.
Practical DevSecOps - Creating a Simple Free Pipeline - 2018
Overview
Syllabus
2018 - Practical DevSecOps – the simple free pipeline anyone can create - Jeff Williams
Taught by
LASCON
Related Courses
-
Jumpstarting Your DevSecOps Pipeline with IAST and RASP
-
DevSecOps : Master Securing CI/CD | DevOps Pipeline(2023)
-
DevSecOps using GitHub Actions: Secure CICD with GitHub
-
The DevSecOps Builder's Guide to the CI/CD Pipeline
-
How to Apply DevSecOps Shift-Left Security with OWASP ZAP
-
Using IAST to Unlock the Benefits of DevSecOps
