DevSecOps: Automated Security Testing

Learn how to set up automated security testing for your software delivery workflow, including continuous integration/continuous delivery pipelines.

Introduction

• Welcome
• What you should know

1. Security Testing Basics

• Security and DevOps history in short
• Security and DevOps for the first time
• Automated security testing basics
• Tips for security automation for DevOps

2. Security Automation: Getting Started

• Setting up the demo environment
• Web application security quick tour
• Application security attack tools
• Security test automation with Gauntlt
• Running your first automated attack

3. Application Security Automation

• Application security vector: XSS
• XSS attack automation
• XSS attack automation refactoring
• SQLi attack automation
• Automating a fuzzer
• Network testing on the fly
• "Be mean to your code" in practice

4. Security Testing in Software Delivery Pipelines

• Shift left and the DevOps way
• Security testing in CI/CD

Conclusion

• Start automating security testing
• Next steps