Author
Tim Chase
Released
9/11/2019- What is DevSecOps?
- How application security is different with DevSecOps
- Continuous static and dynamic testing
- Continuously scanning to prevent leaking secrets
- Continuous container security
- Pulling security tools together with the Glue tool
Skill Level Intermediate
Duration
Views
- [Tim Chase] DevOps teams are always being pushed to build applications quickly and be more agile. As a security team we are left trying to understand where we fit in without slowing down the process. We want to make sure our applications are secure but do it in a way that fits into the DevOps mold. In this course we will provide a framework for building a continuous application security process that will help us keep up with security in the DevOps world. We will talk about DevSecOps and understand the role that application security plays. We will work with several application security tools that you can use with DevSecOps like SonarQube, truffleHog, and Dependency-Check. We will see how these tools integrate with the DevOps team and their processes. I'm Tim Chase, please join me as we learn about DevSecOps and continuous application security.
-
Introduction
-
What you should know2m 34s
-
1. DevSecOps Basics
-
What is DevSecOps?3m 1s
-
-
2. Continous Application Security
-
Continuous static testing4m 20s
-
Continuous dynamic testing4m 15s
-
Continuous secret scanning3m 41s
-
-
3. Putting It All Together
-
Tying it all together3m 9s
-
Managing the results3m 43s
-
-
Conclusion
-
Next steps1m 31s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: The rise of continuous application security