Rise of the Machines: Automating Application Security Assessments - AppSec EU 2017
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore an innovative approach to automating application security assessments in this 45-minute conference talk from AppSec EU 2017. Discover how a team tackled the challenge of securing hundreds of applications across diverse programming languages, platforms, and legacy systems with limited resources. Learn about their journey in creating an automation-scanning and reporting platform using Jenkins, HP Fortify SCA/SSC, OWASP ZAP, OWASP DefectDojo, Slack, and Jira. Gain insights into their decision-making process, including technologies they chose not to use and why. Witness a live demo showcasing the implementation of this automated solution, covering topics such as vulnerability scanning, metrics, aggregated data, dashboards, and JIRA reporting. Understand the lessons learned and participate in a collaborative session where feedback and questions are encouraged.
Syllabus
Introduction
Background on Dun & Bradstreet
The team
Other responsibilities
Landscape
Remote team
Automation
Vulnerability scanning
Vulnerability metrics
Diverse tool set
Aggregated data
Dashboards
JIRA
JIRA Reporting
Automation Framework
Bagofholding
Bagofholding App
Report
Templates
Gamification
Validation
Lessons Learned
Titanic Reference
Rohini's Demo
SSC Results
Questions
Taught by
OWASP Foundation