Explore a comprehensive approach to creating an effective and scalable DevSecOps pipeline using free tools in this 43-minute conference talk from OWASP AppSec EU 2018. Learn how to implement Interactive Application Security Testing (IAST) for real-time vulnerability detection and Runtime Application Self-Protection (RASP) for enhanced attack visibility and exploit prevention. Discover techniques to empower developers with immediate security feedback, continuously analyze libraries and frameworks for vulnerabilities, integrate security into CI/CD processes, identify application layer attacks, and prevent exploitation of newly discovered vulnerabilities in open source libraries. Gain practical insights to establish your own DevSecOps pipeline adaptable to various tools, processes, and even legacy applications.
Jumpstarting Your DevSecOps Pipeline with IAST and RASP
Overview
Syllabus
Jumpstarting Your DevSecOps Pipeline with IAST and RASP - Jeff Williams
Taught by
OWASP Foundation
Related Courses
-
DevSecOps Fundamentals
-
Practical DevSecOps - Creating a Simple Free Pipeline - 2018
-
DevSecOps using GitHub Actions: Secure CICD with GitHub
-
DevSecOps : Master Securing CI/CD | DevOps Pipeline(2023)
-
Fixing the Unfixable: Solving Pervasive Vulnerabilities with RASP
-
Using IAST to Unlock the Benefits of DevSecOps
