From the course: Application Security in DevSecOps
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Continuous dynamic testing
From the course: Application Security in DevSecOps
Continuous dynamic testing
- [Narrator] The next type of testing we'll talk about is dynamic testing. It's the second most popular type of testing and one commonly used by many teams like developers, security testers and red teamers. Dynamic testing is sort of like an automated pen test. It scans a website called spidering to learn about its pages, text boxes, links and so on, and then tries to hack the site and test for vulnerabilities based on what it learns. As opposed to static testing, dynamic is mainly language agnostic. It doesn't care if the application is Java or .NET as long as it's web-based. If you come from a testing world, this type of testing would be considered black box. You don't really know how the application works and you're just trying to find a way to break in. One piece of advice when running the test against builds is to do it asynchronously. In other words, let the build complete even if the test is still running.…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Contents
-
-
-
-
(Locked)
Continuous static testing4m 20s
-
(Locked)
Continuous dynamic testing4m 15s
-
(Locked)
Interactive application security testing4m 29s
-
(Locked)
Continuous secret scanning3m 41s
-
(Locked)
Continuous library security testing3m 45s
-
(Locked)
Continuous container security2m 41s
-
(Locked)
Continuous container security demo2m 27s
-
(Locked)
-
-