YoVDO

The Defense Rests - Automation and APIs for Improving Security

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Puppet Courses Chef Courses Cross-Site Scripting (XSS) Courses Cross-Site Request Forgery (CSRF) Courses Buffer Overflow Courses APIs Courses Vulnerability Testing Courses

Course Description

Overview

Explore a comprehensive conference talk from Black Hat USA 2012 that delves into improving security through automation and APIs. Learn how to enhance both operations and development by leveraging tools like Chef, Puppet, Jenkins, Logstash, Elasticsearch, Splunk, and Hadoop. Discover the importance of centralized management, automation, and testing in security practices. Understand why deploying more frequently with smaller change sets can be beneficial, and how to prepare for failures while ensuring rapid recovery. Gain insights into real-world examples and open-source software implementations, including open protocols like Netconf and tools like Dasein-cloud. The presentation covers topics such as continuous integration, API design, identifying vulnerabilities, integration unit tests, and overcoming obstacles in security automation. While avoiding discussions on APT, DevOps vs. NoOps, BYOD, or Cloud Security concerns, this talk provides practical knowledge for improving security practices through automation and API utilization.

Syllabus

Intro
Feedback Slides
David Mortman
Jenkins HP
Continuous Integration
API Design
Obstacles
Java module
Simple RESTful API
Identifying vulnerabilities
Integration unit tests
Automation
Questions


Taught by

Black Hat

Related Courses

Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security Chip
Black Hat via YouTube
Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube
AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube
Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube
Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube