Your Security Tools Are Just a Stop-Gap to Secure DevOps
Offered By: LASCON via YouTube
Course Description
Overview
Explore a comprehensive approach to securing DevOps pipelines in this 43-minute LASCON conference talk. Learn why a tools-first approach often falls short and discover a risk-based methodology for enhancing application security. Understand the importance of considering business risks, threat models, and required security controls before selecting tools. Gain insights into essential security components for CD pipelines, strategies for building organizational momentum, and overcoming common challenges through industry case studies. Examine a high-level maturity model for setting goals and tracking progress in fast-paced application security programs. Delve into topics such as requirements interfaces, approval processes, security reference architectures, end-to-end testing, static analysis, and security test coverage to develop a more robust and effective DevOps security strategy.
Syllabus
Intro
Take a breath
Requirements interface
Approval process
Security reference architecture
Endtoend tests
Requirements tests
Static analysis
Security test coverage
Security requirements interface
Security maturity model
Taught by
LASCON
Related Courses
Web and Mobile Testing with SeleniumUniversity of Minnesota via Coursera DevOps Pipeline: Automatización hasta el despliegue
Universidad Anáhuac via edX Programming Foundations: Software Testing/QA
LinkedIn Learning Security Assessment and Testing for CISSP®
Pluralsight EU Panel: The Joys of Integrating Security Testing into Your Pipeline
Pluralsight