Securing the Continuous Integration Process
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore the security implications of continuous integration (CI) in software development through this OWASP Foundation conference talk. Gain insights into best practices for implementing CI within a secure Software Development Life Cycle (SDLC). Learn about technology and process changes involved in setting up a CI environment, focusing on essential security features rather than specific tools or vendors. Discover the basic CI cycle, importance of environment isolation, version control servers, integration build servers, and feedback mechanisms. Delve into CI maturity models, code reviews, root-cause analysis, and chain of custody. Understand why "on commit" practices are beneficial for secure development. This presentation provides valuable guidance for organizations of all sizes across various technology stacks and problem domains looking to enhance their CI security.
Syllabus
Intro
This is not tools talk
Basic Cl cycle
Isolate your environment
Version control server
Integration build server
Feedback mechanism
CI Maturity model
Code reviews
Root-cause Analysis
Chain of custody
"On commit" is great
Taught by
OWASP Foundation
Related Courses
Разработка корпоративных систем. Часть 2. Строгие методологии разработкиNational Research Nuclear University MEPhI via Coursera Cyber Security in the Software Development Life Cycle
Coventry University via FutureLearn DevOps Tutorial: Complete Beginners Training - 5 in 1 Bundle
Udemy How Cyber Security Affects the Software Development Life Cycle
Coventry University via FutureLearn ISTQB® Foundation: Testing throughout the Software Development Lifecycle
Pluralsight