The Defense Rests - Automation and APIs for Improving Security
Offered By: Black Hat via YouTube
Course Description
Overview
Explore a comprehensive conference talk from Black Hat USA 2012 that delves into improving security through automation and APIs. Learn how to enhance both operations and development by leveraging tools like Chef, Puppet, Jenkins, Logstash, Elasticsearch, Splunk, and Hadoop. Discover the importance of centralized management, automation, and testing in security practices. Understand why deploying more frequently with smaller change sets can be beneficial, and how to prepare for failures while ensuring rapid recovery. Gain insights into real-world examples and open-source software implementations, including open protocols like Netconf and tools like Dasein-cloud. The presentation covers topics such as continuous integration, API design, identifying vulnerabilities, integration unit tests, and overcoming obstacles in security automation. While avoiding discussions on APT, DevOps vs. NoOps, BYOD, or Cloud Security concerns, this talk provides practical knowledge for improving security practices through automation and API utilization.
Syllabus
Intro
Feedback Slides
David Mortman
Jenkins HP
Continuous Integration
API Design
Obstacles
Java module
Simple RESTful API
Identifying vulnerabilities
Integration unit tests
Automation
Questions
Taught by
Black Hat
Related Courses
Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security ChipBlack Hat via YouTube Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube