Monitoring Attack Surface and Integrating Security into DevOps Pipelines
Offered By: LASCON via YouTube
Course Description
Overview
Explore the critical intersection of cybersecurity and DevOps in this 45-minute conference talk from LASCON 2016. Delve into the concept of attack surface monitoring and learn effective strategies for seamlessly integrating security measures into DevOps pipelines. Examine the balance between automated and manual testing approaches, with a focus on Dynamic Application Security Testing (DAST). Discover techniques for merging static and dynamic results to enhance overall security posture. Gain insights into the challenges faced in this domain and witness a practical demonstration of relevant tools, plugins, and visualization techniques. Conclude by understanding key metrics for measuring the success of security integration in DevOps environments.
Syllabus
Introduction
Attack Surface and DevOps
Automation vs Manual Testing
Dynamic Application Security Testing
Merge Static and Dynamic Results
Why is this a problem
Demo
Plugins
Visualization
Metrics
Taught by
LASCON
Related Courses
Comparing WAF and RASP - Why?LASCON via YouTube API Security - Is it the New Application Attack Surface and How to Secure at Enterprise Scale
LASCON via YouTube Privacy Impact Assessments - How Much Privacy Is Enough?
LASCON via YouTube Your Frontier Defense - Understanding Web Application Firewalls
LASCON via YouTube Doing This One Crazy Thing Will Change Your AppSec Program Forever
LASCON via YouTube