Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Security DevOps - Staying Secure in Agile Projects

OWASP Foundation via YouTube

Overview

Explore security DevOps strategies for maintaining security in agile projects through this conference talk from AppSecEU 2015. Dive into four different axes of security implementation, including dynamic depth, static depth, intensity, and consolidation. Learn how to integrate tools like ZAP, Jenkins, BDD-Security, and Gauntlt into your CI/CD pipeline. Discover techniques for guiding security tools into post-authentication scenarios, conducting backend scans, and handling special workflows. Examine methods for consolidating security reports, flagging builds, and incorporating code coverage analysis. Gain insights on balancing security measures with agile development practices to ensure robust application security throughout the development lifecycle.

Syllabus

Intro
Why Security DevOps?
Four different axes
Let's explore these axes
Axis of "Dynamic Depth"
Axis "Dynamic Depth": Level 1
ZAP in SecDevOps?
ZAP + Jenkins = SecDevOps?
BDD-Security in SecDevOps?
Gauntlt in SecDevOps?
Axis "Dynamic Depth": Level 2
Guide ZAP into Post-Auth in CI
Guide Arachni into Post-Auth
Guide BDD-Security into Post-Auth
Axis "Dynamic Depth": Level 3
Backend scans with ZAP
Backend scans with Arachni
Axis "Dynamic Depth": Level 4
ZAP with special workflows (2/3)
ZAP with special workflows (3/3)
BDD with special workflows
If no Selenium test code exists!
Axis of "Static Depth"
Axis of "Intensity"
Axis of "Consolidation"
Axis "Consolidation": Level 1
Axis "Consolidation": Level 2
Flagging builds from reports
Axis "Consolidation": Level 3
Axis "Consolidation": Level 4
Code coverage analysis

Taught by

OWASP Foundation

Reviews

Start your review of Security DevOps - Staying Secure in Agile Projects

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.