YoVDO

DevSecOps with OWASP DevSlop

Offered By: OWASP Foundation via YouTube

Tags

Conference Talks Courses DevSecOps Courses Secure Coding Practices Courses Security Testing Courses Secret Management Courses OWASP ZAP Courses

Course Description

Overview

Explore DevSecOps practices with OWASP DevSlop in this conference talk from OWASP Global AppSec Tel Aviv. Learn about the "Patty the Pipeline" project, which demonstrates secure component management, secret retrieval from a secret store, and code validation through negative unit tests, DAST, SAST, and encryption and infrastructure verification. Discover how to implement DevSecOps principles using open-source tools like SSL Labs, White Source Bolt, Azure DevOps Security Toolkit, and OWASP Zap. Gain insights from speakers Nancy Gariché, founder of BDB Skills, and Tanya Janca, Senior Cloud Advocate at Microsoft, as they provide a comprehensive start-to-finish demo of each pipeline component. Access supporting videos and resources to enhance your understanding of DevSecOps and improve your own development pipelines.

Syllabus

Intro
Patty Pipeline
Meet Tanya
About DevSecOps
AppSecOps
SSL Lab
Secret Store
Scan for Secrets


Taught by

OWASP Foundation

Related Courses

Ethical Hacking 2021: Beginners to Advanced level
Udemy
Writing Custom Scripts for OWASP Zed Attack Proxy
Pluralsight
Automate Web Application Scans with OWASP ZAP and Python
Pluralsight
Ethical Hacking 101: Web App Penetration Testing - a full course for beginners
freeCodeCamp
Dynamic Application Security Testing (DAST)
LinkedIn Learning