Test Driven Security in Continuous Integration
Offered By: USENIX Enigma Conference via YouTube
Course Description
Overview
Explore a 20-minute conference talk from USENIX Enigma 2017 on implementing Test Driven Security (TDS) in Continuous Integration environments. Learn how Mozilla's CloudSec team redesigned security controls to keep pace with rapid DevOps deployment cycles. Discover the principles of TDS, which prioritizes security tests representing desired behaviors and continuously runs them against code. Gain insights into how this approach accelerates the discovery and mitigation of security issues compared to traditional methods. Examine Mozilla's use of open-source tools to implement TDS, reducing security vulnerabilities and regressions in production environments. Understand the talk's structure, covering topics such as DevOps pipelines, writing and running tests in CI/CD, socializing requirements, and enforcing test passage. Benefit from the expertise of Julien Vehent, Firefox Services Security Lead at Mozilla, as he shares practical strategies for integrating security into fast-paced development cycles.
Syllabus
Intro
Bug Bounty payments
A DevOps pipeline
Writing tests
3. Running tests in CI/CD
Socialize requirements
5. Require tests to pass
Does it work?
Taught by
USENIX Enigma Conference
Related Courses
Startup EngineeringStanford University via Coursera Developing Scalable Apps in Java
Google via Udacity Cloud Computing Concepts, Part 1
University of Illinois at Urbana-Champaign via Coursera Cloud Networking
University of Illinois at Urbana-Champaign via Coursera Cloud Computing Concepts: Part 2
University of Illinois at Urbana-Champaign via Coursera