Explore scaling security testing in DevOps environments through this 41-minute conference talk by Roger Seagle, Principal Engineer at Cisco. Delve into the challenges of security testing, various deployment models, and general architecture concepts. Learn about relay connectivity requirements and gain insights into security test creation, including Dockerfile setup, manifest.yml configuration, and wrapper script implementation. Discover unit test targets, examine test content examples, and understand the application of Serverspec in security testing. Enhance your knowledge of integrating security practices into fast-paced DevOps workflows for more efficient and effective application security.
Scaling Security Testing at the Speed of DevOps
Overview
Syllabus
Intro
Security Testing is Hard
Deployment Models
Architecture: General
Architecture: Relay
Relay Connectivity Requirements
Security Tests: Overview
Security Tests: Creation
Security Tests: Dockerfile
Security Tests: manifest.yml
Security Tests: Wrapper Script
Security Tests: Unit Test Targets
Test Content Examples
Security Tests: Serverspec
Taught by
OWASP Foundation
