Securing Applications in SDLC and Cloud-Native Web and API Protection - Sessions 1 and 2
Offered By: DevSecCon via YouTube
Course Description
Overview
Explore two critical aspects of application security in this DevSecCon conference talk. Delve into secure coding practices within the Software Development Life Cycle (SDLC) and learn how to identify common vulnerabilities, debug secure code, and integrate security throughout the development process. Then, discover the emerging field of Cloud-native Web Application and API Protection (WAAP), focusing on securing web and API endpoints for cloud-native deployments. Gain insights into open-appsec, an open-source WAAP solution that utilizes machine learning to analyze HTTP/S requests and provide preemptive protection against OWASP Top-10 and zero-day attacks. Learn about deployment options, configuration, and monitoring techniques for effective application security in modern cloud environments.
Syllabus
Introduction
Who am I
Agenda
Perspective
Signatures
Open Absec
Configuration
Open Source Bill
Checkpoint
OpenAppSec
SQL Injection Example
Machine Learning Models
Zero Day
Zero T
Stage 1 Atomic Indicators
Stage 2 User Reputation
Stage 2 Management Options
Pro DevOps
Middleground
Demo
Logs
Management portal
Deployment
Monitoring
Conclusion
Taught by
DevSecCon
Related Courses
Introduction to Artificial IntelligenceStanford University via Udacity Natural Language Processing
Columbia University via Coursera Probabilistic Graphical Models 1: Representation
Stanford University via Coursera Computer Vision: The Fundamentals
University of California, Berkeley via Coursera Learning from Data (Introductory Machine Learning course)
California Institute of Technology via Independent