

Taking AppSec to 11: Pipelines, DevOps and Making Things Better

OWASP Foundation via YouTube

Overview

Explore strategies for scaling up application security programs in large organizations with limited resources. Learn how to leverage DevOps, Agile, and CI/CD principles to create an AppSec Pipeline that iteratively improves security over time. Gain insights from real-world experiences at Rackspace and Pearson, covering key principles for speeding up and scaling AppSec programs. Discover practical examples of implementing these practices, including early integration, technical debt reduction, and customized workflows. Understand how to optimize AppSec efforts based on application types, risk systems, and automated tools. Explore concepts like the Knapsack Pipeline, reusable paths, and AppSec QA to enhance efficiency. Learn about integrating assessments, team dashboards, and defect management into your AppSec pipeline. Gain valuable knowledge on experimentation, manual assessments, and tool integrations to create a comprehensive AppSec strategy for your organization.

Syllabus

Intro
Silver Lining
Handcrafting
Spinal Tap
Work Hallelujah
Workflow
Flow
Workflows
Custom but fast
AppSec Pipeline
Knapsack Pipeline
Reusable Path
AppSec QA
Optimizing AppSec
App Types
Risk System
Automated Tools
ThreadFix
Work in progress
Assessments
Team Dashboard
Application Repository
Application Status
DefectDojo
Upstream and downstream information
Python Bob
Checkmarx
Experimentation
The Curve
Manual Assessment
OWASP AppSec Pipeline
Tool Integrations
AppSec Pipeline Toolbox

Taught by

OWASP Foundation
