YoVDO

Test Driven Security in Continuous Integration

Offered By: USENIX Enigma Conference via YouTube

Tags

Security Testing Courses DevOps Courses CI/CD Courses Continuous Integration Courses

Course Description

Overview

Explore a 20-minute conference talk from USENIX Enigma 2017 on implementing Test Driven Security (TDS) in Continuous Integration environments. Learn how Mozilla's CloudSec team redesigned security controls to keep pace with rapid DevOps deployment cycles. Discover the principles of TDS, which prioritizes security tests representing desired behaviors and continuously runs them against code. Gain insights into how this approach accelerates the discovery and mitigation of security issues compared to traditional methods. Examine Mozilla's use of open-source tools to implement TDS, reducing security vulnerabilities and regressions in production environments. Understand the talk's structure, covering topics such as DevOps pipelines, writing and running tests in CI/CD, socializing requirements, and enforcing test passage. Benefit from the expertise of Julien Vehent, Firefox Services Security Lead at Mozilla, as he shares practical strategies for integrating security into fast-paced development cycles.

Syllabus

Intro
Bug Bounty payments
A DevOps pipeline
Writing tests
3. Running tests in CI/CD
Socialize requirements
5. Require tests to pass
Does it work?


Taught by

USENIX Enigma Conference

Related Courses

Web Engineering III: Quality Assurance
Technische Hochschule Mittelhessen via iversity
Introduction to Cloud Infrastructure Technologies
Linux Foundation via edX
DevOps for Developers: How to Get Started
Microsoft via edX
Accelerate Software Delivery using DevOps
Microsoft via edX
Building R Packages
Johns Hopkins University via Coursera