Categories

There are currently no items in your shopping cart.

User Panel

Forgot your password?.

DevSecOps: Building a Secure Continuous Delivery Pipeline


Introduction
Securing your CI/CD pipeline
What you should know

1. The DevSecOps Toolchain
Traditional InfoSec is in crisis
Introducing DevSecOps
The continuous delivery pipeline
Goals for a DevSecOps toolchain approach

2. Development Tools
Secure development practices
Static code analysis
Tool: Keeping secrets with git-secrets
Tool: Rapid Risk Assessment

3. Inherit Tools
What's in your app?
OWASP Dependency Check in practice
JavaScript security with Retire.js: Installation
JavaScript security with Retire.js: Testing
Options for software composition analysis

4. Build Tools
Security testing in the build stage
AppSec scanning with DAST tools
Gauntlt in practice

5. Deploy Tools
Security in the deploy phase
Rundeck for deployments
Tricks for making compliance happy

6. Operation Tools
Keeping security in operate
Modern application security
Signal Sciences in practice
Cloud security monitoring

Conclusion
Next steps