Overview
Explore continuous security testing strategies for DevOps environments in this 51-minute conference talk from Security BSides London. Learn how to address the challenges of performing penetration tests in rapidly evolving production environments. Discover the BDD-Security framework, designed to bridge the gap between security teams and developers by providing tools to specify security requirements in human-readable form, create executable tests, record and test business logic vulnerabilities, and integrate security testing into continuous integration and deployment pipelines. Witness a live demonstration of configuring and running the BDD-Security framework on a web application and its integration with Jenkins CI server for automated security testing after each code commit.
Syllabus
Stephen de Vries: Contininuous Security Testing in a DevOps World (Rerelease)
Taught by
Security BSides London