Overview
Explore the implementation and benefits of DevSecOps in this 46-minute conference talk by Jihai Zhou from Tencent. Gain insights into the current status of DevSecOps and learn about various application security testing methods, including Static (SAST), Dynamic (DAST), and Interactive (IAST) approaches. Discover how DevSecOps training can be enhanced through embedded study materials in tools and platforms like Secure Code Warrior. Understand the importance of cyber security events, such as security coding competitions, in fostering a security-minded development culture. Examine the DevSecOps Maturity Model to assess and improve your organization's security integration within the development lifecycle.
Syllabus
Introduction
The Benefit of DevSecOps
DevSecOps Current Status
Static Application Security Testing (SAST)
Dynamic Application Security Testing (DAST)
Interactive Application Security Testing (IAST)
DevSecOps Training - Tools' Embedded Study Material
DevSecOps Training - Secure Code Warrior
Cyber Security Event - Security Coding Competition
DevSecOps Maturity Model
Taught by
Linux Foundation