Overview
Explore a comprehensive approach to creating an effective and scalable DevSecOps pipeline using free tools in this 43-minute conference talk from OWASP AppSec EU 2018. Learn how to implement Interactive Application Security Testing (IAST) for real-time vulnerability detection and Runtime Application Self-Protection (RASP) for enhanced attack visibility and exploit prevention. Discover techniques to empower developers with immediate security feedback, continuously analyze libraries and frameworks for vulnerabilities, integrate security into CI/CD processes, identify application layer attacks, and prevent exploitation of newly discovered vulnerabilities in open source libraries. Gain practical insights to establish your own DevSecOps pipeline adaptable to various tools, processes, and even legacy applications.
Syllabus
Jumpstarting Your DevSecOps Pipeline with IAST and RASP - Jeff Williams
Taught by
OWASP Foundation