YoVDO

The A's, B's, and Four C's of Testing Cloud-Native Applications

Offered By: LASCON via YouTube

Tags

LASCON Courses Threat Modeling Courses API Testing Courses Software Bill of Materials Courses

Course Description

Overview

Explore the evolving landscape of testing cloud-native applications in this 48-minute LASCON conference talk. Delve into the A's, B's, and Four C's of modern testing methodologies, examining crucial aspects such as Software Bill of Materials (SBOM), Architectural Bill of Materials, and high-level threat modeling concepts. Learn about API testing, component analysis, compute resources, and cloud configuration. Discover how to create effective data flow diagrams, map threats to asset types, and develop comprehensive test plans. Gain insights into reporting strategies, security and risk management practices, and the role of service owners and developers in the testing process. Conclude with a Q&A session addressing additional resources and audience inquiries.

Syllabus

Intro
Dan Cornell
The More Interesting New Days
What Changed?
Software Bill of Materials (SBOM)
Architectural Bill of Materials
High Level Threat Modeling Concepts
Example Data Flow Diagram
Mapping Threats to Asset Types
Code - API Testing
Components
Compute
Cloud Configuration
So What Does This All Look Like?
Reporting
Security/Risk Management
Service Owner/Developer
Test Plan
If You Have More Resources
Questions and Answers


Taught by

LASCON

Related Courses

Target Rich Cyber Poor
BSidesLV via YouTube
SBOM Challenges and How to Fix Them
BSidesLV via YouTube
The Case for Software Bill of Materials
BSidesLV via YouTube
Collaborating to Improve Open Source Security - How the Ecosystem Is Stepping Up
RSA Conference via YouTube
Software Bill of Materials - Progress toward Transparency of Third-Party Code
RSA Conference via YouTube