YoVDO

Securing the Continuous Integration Process

Offered By: OWASP Foundation via YouTube

Tags

Continuous Integration Courses DevOps Courses Version Control Courses Root Cause Analysis Courses Software Security Courses Software Development Life Cycle Courses Build Automation Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the security implications of continuous integration (CI) in software development through this OWASP Foundation conference talk. Gain insights into best practices for implementing CI within a secure Software Development Life Cycle (SDLC). Learn about technology and process changes involved in setting up a CI environment, focusing on essential security features rather than specific tools or vendors. Discover the basic CI cycle, importance of environment isolation, version control servers, integration build servers, and feedback mechanisms. Delve into CI maturity models, code reviews, root-cause analysis, and chain of custody. Understand why "on commit" practices are beneficial for secure development. This presentation provides valuable guidance for organizations of all sizes across various technology stacks and problem domains looking to enhance their CI security.

Syllabus

Intro
This is not tools talk
Basic Cl cycle
Isolate your environment
Version control server
Integration build server
Feedback mechanism
CI Maturity model
Code reviews
Root-cause Analysis
Chain of custody
"On commit" is great


Taught by

OWASP Foundation

Related Courses

Web Engineering III: Quality Assurance
Technische Hochschule Mittelhessen via iversity Introduction to Cloud Infrastructure Technologies
Linux Foundation via edX DevOps for Developers: How to Get Started
Microsoft via edX Accelerate Software Delivery using DevOps
Microsoft via edX Building R Packages
Johns Hopkins University via Coursera