Test Driven Security in Continuous Integration
Offered By: USENIX Enigma Conference via YouTube
Course Description
Overview
Explore a 20-minute conference talk from USENIX Enigma 2017 on implementing Test Driven Security (TDS) in Continuous Integration environments. Learn how Mozilla's CloudSec team redesigned security controls to keep pace with rapid DevOps deployment cycles. Discover the principles of TDS, which prioritizes security tests representing desired behaviors and continuously runs them against code. Gain insights into how this approach accelerates the discovery and mitigation of security issues compared to traditional methods. Examine Mozilla's use of open-source tools to implement TDS, reducing security vulnerabilities and regressions in production environments. Understand the talk's structure, covering topics such as DevOps pipelines, writing and running tests in CI/CD, socializing requirements, and enforcing test passage. Benefit from the expertise of Julien Vehent, Firefox Services Security Lead at Mozilla, as he shares practical strategies for integrating security into fast-paced development cycles.
Syllabus
Intro
Bug Bounty payments
A DevOps pipeline
Writing tests
3. Running tests in CI/CD
Socialize requirements
5. Require tests to pass
Does it work?
Taught by
USENIX Enigma Conference
Related Courses
Introduction to JenkinsLinux Foundation via edX Introduction to Cloud Native, DevOps, Agile, and NoSQL
IBM via edX Learn Azure DevOps CI/CD pipelines
Udemy IBM Full Stack Software Developer
IBM via Coursera DevOps: CI/CD with Jenkins pipelines, Maven, Gradle
Udemy