Learn about application security without relying on additional tools in this 44-minute conference talk from the Central Ohio InfoSec Summit 2016. Explore integration, requirements, frameworks, dynamic scanning, best practices, static scanners, continuous integration, QA, and operations. Discover successful approaches to implementing AppSec and gain insights on whether you need a dynamic scanner. Benefit from Jason Kent's expertise as he guides you through essential aspects of application security, emphasizing practical strategies that can be implemented without specialized tools.
Overview
Syllabus
Introduction
About Jason
Agenda
Integration
Requirements
Framework
Dynamic Scanner
Best Practices
Dynamic Scanning
Do I have a Dynamic Scanner
Static Scanners
Continuous Integration
QA
Operations
Successes
Related Courses
-
Application Security for Developers and DevOps Professionals
-
Building an Application Security Program
-
Practical Tips for Defending Web Applications in the Age of DevOps
-
Application Security in an Agile SDLC
-
Differences Between Web Application Scanning Tools When Scanning for XSS and SQLi
-
SDLC for the DevSecOps Era - Adapting Application Security Techniques
