Make Me a Sandwich: Automating a Custom SecDevOps Pipeline
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore a comprehensive conference talk on automating a custom SecDevOps pipeline, presented by Patrick Albert and Tony Trummer at APPSEC CA 2017. Delve into the challenges of finding vulnerabilities and learn about server-side hooks, webhooks, and build servers. Discover strategies for configuring Github Auth, polling, and build step actions. Examine integration point issues and SDLC Automation Integration points. Gain insights into building your own tools, including SAST tools, and understanding grammars. Explore improvement strategies for automation in security development operations. This 46-minute presentation, hosted by the OWASP Foundation, offers valuable knowledge for security professionals and developers looking to enhance their SecDevOps practices.
Syllabus
Intro
Premise
Cost of finding vulnerabilities
Server-side hooks
Webhooks
Build servers
Configuring Github Auth
Configuring polling
Objectives
Build Steps actions
Considerations
Integration point issues
SDLC Automation Integration points
Building your own tools
Building your own SAST Tool
What's a grammar?
Improving automation
Strategies
Taught by
OWASP Foundation
Related Courses
Introduction to Agile Software Development: Tools & TechniquesUniversity of California, Berkeley via edX Advanced Topics and Techniques in Agile Software Development
University of California, Berkeley via edX The Data Scientist’s Toolbox
Johns Hopkins University via Coursera How to Use Git and GitHub
Udacity Desarrollo de Videojuegos 3D en Unity: Una Introducción
Universidad de los Andes via Coursera