- What is DevSecOps?
- How application security is different with DevSecOps
- Continuous static and dynamic testing
- Continuously scanning to prevent leaking secrets
- Continuous container security
- Pulling security tools together with the Glue tool
Skill Level Intermediate
- [Tim Chase] DevOps teams are always being pushed to build applications quickly and be more agile. As a security team we are left trying to understand where we fit in without slowing down the process. We want to make sure our applications are secure but do it in a way that fits into the DevOps mold. In this course we will provide a framework for building a continuous application security process that will help us keep up with security in the DevOps world. We will talk about DevSecOps and understand the role that application security plays. We will work with several application security tools that you can use with DevSecOps like SonarQube, truffleHog, and Dependency-Check. We will see how these tools integrate with the DevOps team and their processes. I'm Tim Chase, please join me as we learn about DevSecOps and continuous application security.