YoVDO

OpenStack API Security Testing Automation in Action

Offered By: LASCON via YouTube

Tags

LASCON Courses Agile Development Courses Fuzzing Courses

Course Description

Overview

Explore a 52-minute conference talk from LASCON 2014 on automating OpenStack API security testing. Learn how Rackspace tackles the challenges of traditional manual security testing by integrating automated processes into Agile development and CI/CD pipelines. Discover the open-source testing framework and security plugin developed by Rackspace, which detects common vulnerabilities like SQL injection, command injection, and improper authentication. Gain insights into the collaboration between security and quality engineers to create comprehensive test cases for OpenStack projects. Understand the benefits of integrating security testing into the SDLC, including earlier detection and remediation of security defects. Hear from speakers Nathan Buckner, Jim Freeman, and Michael Xin as they discuss challenges, lessons learned, and best practices for improving OpenStack API security testing.

Syllabus

Intro
Quality
Testing
Challenges
What is OpenStack
Architecture
Quality Engineering
Open Cafe
Open Cafe Architecture
Security Cafe Architecture
Data Generators
DataDriven Test
Authorization Test
One Suite
New Purpose
Whats Next


Taught by

LASCON

Related Courses

Comparing WAF and RASP - Why?
LASCON via YouTube
API Security - Is it the New Application Attack Surface and How to Secure at Enterprise Scale
LASCON via YouTube
Privacy Impact Assessments - How Much Privacy Is Enough?
LASCON via YouTube
Your Frontier Defense - Understanding Web Application Firewalls
LASCON via YouTube
Doing This One Crazy Thing Will Change Your AppSec Program Forever
LASCON via YouTube