Taking AppSec to 11: Pipelines, DevOps and Making Things Better
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore strategies for scaling up application security programs in large organizations with limited resources. Learn how to leverage DevOps, Agile, and CI/CD principles to create an AppSec Pipeline that iteratively improves security over time. Gain insights from real-world experiences at Rackspace and Pearson, covering key principles for speeding up and scaling AppSec programs. Discover practical examples of implementing these practices, including early integration, technical debt reduction, and customized workflows. Understand how to optimize AppSec efforts based on application types, risk systems, and automated tools. Explore concepts like the Knapsack Pipeline, reusable paths, and AppSec QA to enhance efficiency. Learn about integrating assessments, team dashboards, and defect management into your AppSec pipeline. Gain valuable knowledge on experimentation, manual assessments, and tool integrations to create a comprehensive AppSec strategy for your organization.
Syllabus
Intro
Silver Lining
Handcrafting
Spinal Tap
Work Hallelujah
Workflow
Flow
Workflows
Custom but fast
AppSec Pipeline
Knapsack Pipeline
Reusable Path
AppSec QA
Optimizing AppSec
App Types
Risk System
Automated Tools
Threadfixes
Work in progress
Assessments
Team Dashboard
Application Repository
Application Status
Defect Dojo
Upstream and downstream information
Python Bob
Checkmarks
Experimentation
The Curve
Manual Assessment
Oh Snap Sec Pipeline
Tool Integrations
Absolute Pipeline Toolbox
Taught by
OWASP Foundation
Related Courses
Security Principles(ISC)² via Coursera Emergency and Disaster Training and Exercising: An Introduction
Coventry University via FutureLearn A General Approach to Risk Management
University System of Georgia via Coursera A Strategic Approach to Cybersecurity
University of Maryland, College Park via Coursera Academia de auditoría en la nube: independencia en la nube (Español LATAM) | Cloud Audit Academy - Cloud Agnostic (Spanish from Latin America)
Amazon Web Services via AWS Skill Builder