Securing Applications in SDLC and Cloud-Native Web and API Protection - Sessions 1 and 2
Offered By: DevSecCon via YouTube
Course Description
Overview
Explore two critical aspects of application security in this DevSecCon conference talk. Delve into secure coding practices within the Software Development Life Cycle (SDLC) and learn how to identify common vulnerabilities, debug secure code, and integrate security throughout the development process. Then, discover the emerging field of Cloud-native Web Application and API Protection (WAAP), focusing on securing web and API endpoints for cloud-native deployments. Gain insights into open-appsec, an open-source WAAP solution that utilizes machine learning to analyze HTTP/S requests and provide preemptive protection against OWASP Top-10 and zero-day attacks. Learn about deployment options, configuration, and monitoring techniques for effective application security in modern cloud environments.
Syllabus
Introduction
Who am I
Agenda
Perspective
Signatures
Open Absec
Configuration
Open Source Bill
Checkpoint
OpenAppSec
SQL Injection Example
Machine Learning Models
Zero Day
Zero T
Stage 1 Atomic Indicators
Stage 2 User Reputation
Stage 2 Management Options
Pro DevOps
Middleground
Demo
Logs
Management portal
Deployment
Monitoring
Conclusion
Taught by
DevSecCon
Related Courses
Разработка корпоративных систем. Часть 2. Строгие методологии разработкиNational Research Nuclear University MEPhI via Coursera Cyber Security in the Software Development Life Cycle
Coventry University via FutureLearn DevOps Tutorial: Complete Beginners Training - 5 in 1 Bundle
Udemy How Cyber Security Affects the Software Development Life Cycle
Coventry University via FutureLearn ISTQB® Foundation: Testing throughout the Software Development Lifecycle
Pluralsight