YoVDO

SecDevOps - Current Research and Best Practices

Offered By: OWASP Foundation via YouTube

Tags

Conference Talks Courses DevOps Courses Unit Testing Courses Agile Development Courses Dynamic Analysis Courses Static Analysis Courses

Course Description

Overview

Explore current research and best practices in SecDevOps through this 51-minute conference talk from APPSEC Cali 2018. Delve into topics such as scaling security, static and dynamic analysis, security baselines, and infrastructure best practices. Learn how to calculate ROI for static analysis tools, implement effective hooks, and detect attacks. Gain insights from Clint Gibler, Research Director at NCC Group, as he shares his expertise on integrating security into Agile and DevOps processes. Discover practical approaches to dependency management, unit testing, and fostering security conversations within development teams.

Syllabus

Intro
Agile and DevOps
How to scale security
Overview
Static vs Dynamic Analysis
Types of Static Analysis
Good Hooks
Start a Conversation
Dependencies
Running arbitrary checks
Should I buy a static analysis tool
Calculating the ROI
Dynamic Analysis
Security Baselines
Unit Tests
Background
What we did
Doing this well
Infrastructure best practices
Detecting attacks
Questions


Taught by

OWASP Foundation

Related Courses

Ruby on Rails: An Introduction
Johns Hopkins University via Coursera Internet of Things Capstone: Build a Mobile Surveillance System
University of California, San Diego via Coursera Engineering Maintainable Android Apps
Vanderbilt University via Coursera Orientação a Objetos com Java
Instituto Tecnológico de Aeronáutica via Coursera TDD – Desenvolvimento de Software Guiado por Testes
Instituto Tecnológico de Aeronáutica via Coursera