Explore the practical implementation of DevSecOps and continuous security testing in this 42-minute conference talk from OWASP AppSec EU 2018. Dive into the open-source AppSec Pipeline tool, which has been successfully utilized in real-world companies for effective security work. Gain insights into automating security processes using Docker containers, customizing the tool to fit your needs, and leveraging provided references to kickstart your journey. Learn how to integrate the AppSec Pipeline into your team's workflow and discover example templates for optimal use of the automated tools. Additionally, get a brief overview of OWASP Defect Dojo for storing and managing issues identified by your AppSec Pipeline. Benefit from the field-tested methods shared by two AppSec professionals with nearly two decades of combined experience. Perfect for those ready to embark on their DevSecOps journey with a focus on practical, continuous testing rather than theoretical concepts.
Making Continuous Security a Reality with OWASP's AppSec Pipeline
Overview
Syllabus
Making Continuous Security a Reality with OWASP’s AppSec Pipeline - Matt Tesauro & Aaron Weaver
Taught by
OWASP Foundation
Related Courses
-
Making Continuous Security a Reality with OWASP's AppSec Pipeline - 2018
-
DevSecOps Fundamentals
-
AppSec++ - Taking the Best of Agile, DevOps, and CI/CD into Your AppSec Program
-
DevSecOps : Master Securing CI/CD | DevOps Pipeline(2023)
-
DevSecOps: Adding Security Testing Tools to Pipelines
-
AppSec Pipelines and Event-based Security - Moving Beyond Traditional Security Testing
