YoVDO

Securing the Continuous Integration Process

Offered By: OWASP Foundation via YouTube

Tags

Continuous Integration Courses DevOps Courses Version Control Courses Root Cause Analysis Courses Software Security Courses Software Development Life Cycle Courses Build Automation Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the security implications of continuous integration (CI) in software development through this OWASP Foundation conference talk. Gain insights into best practices for implementing CI within a secure Software Development Life Cycle (SDLC). Learn about technology and process changes involved in setting up a CI environment, focusing on essential security features rather than specific tools or vendors. Discover the basic CI cycle, importance of environment isolation, version control servers, integration build servers, and feedback mechanisms. Delve into CI maturity models, code reviews, root-cause analysis, and chain of custody. Understand why "on commit" practices are beneficial for secure development. This presentation provides valuable guidance for organizations of all sizes across various technology stacks and problem domains looking to enhance their CI security.

Syllabus

Intro
This is not tools talk
Basic Cl cycle
Isolate your environment
Version control server
Integration build server
Feedback mechanism
CI Maturity model
Code reviews
Root-cause Analysis
Chain of custody
"On commit" is great


Taught by

OWASP Foundation

Related Courses

Pattern-Oriented Software Architectures: Programming Mobile Services for Android Handheld Systems
Vanderbilt University via Coursera Engineering Maintainable Android Apps
Vanderbilt University via Coursera Software Design as an Element of the Software Development Lifecycle
University of Colorado System via Coursera Secure Software Development
Pluralsight Secure Software Concepts for CSSLPĀ®
Pluralsight