Rise of the Machines: Automating Application Security Assessments - AppSec EU 2017

OWASP Foundation via YouTube

Overview

Explore an innovative approach to automating application security assessments in this 45-minute conference talk from AppSec EU 2017. Discover how a team tackled the challenge of securing hundreds of applications across diverse programming languages, platforms, and legacy systems with limited resources. Learn about their journey in creating an automation-scanning and reporting platform using Jenkins, HP Fortify SCA/SSC, OWASP ZAP, OWASP DefectDojo, Slack, and Jira. Gain insights into their decision-making process, including technologies they chose not to use and why. Witness a live demo showcasing the implementation of this automated solution, covering topics such as vulnerability scanning, metrics, aggregated data, dashboards, and JIRA reporting. Understand the lessons learned and participate in a collaborative session where feedback and questions are encouraged.

Syllabus

Introduction
Background on Dun & Bradstreet
The team
Other responsibilities
Landscape
Remote team
Automation
Vulnerability scanning
Vulnerability metrics
Diverse tool set
Aggregated data
Dashboards
JIRA
JIRA Reporting
Automation Framework
Bagofholding
Bagofholding App
Report
Templates
Gamification
Validation
Lessons Learned
Titanic Reference
Rohini's Demo
SSC Results
Questions

Taught by

OWASP Foundation
