DevSecOps: Continuous Application Security

Learn how to build a continuous application security process that meshes with the fast-paced world of DevOps. Explore tools and strategies for testing apps in an automated fashion.

With DevOps continuing to grow in prominence, modern businesses expect applications to be built with greater speed and efficiency than ever before. Even so, the importance of application security cannot be downplayed for the sake of a pressing deadline. In this course, learn how to build a continuous application security process that meshes with the faster-paced world of DevOps. Instructor Tim Chase describes DevSecOps and its impact on application security. Tim then explores tools and strategies for testing apps in an automated fashion, explaining how key tools can integrate with the DevOps workflow. He covers interactive application security testing, the different aspects of container security (and how they can be automated), continuous secret scanning, and more.

Introduction

• The rise of continuous application security
• What you should know

1. DevSecOps Basics

• What is DevSecOps?
• How is application security different?
• The key to DevSecOps is continuous

2. Continous Application Security

• Continuous static testing
• Continuous dynamic testing
• Interactive application security testing
• Continuous secret scanning
• Continuous library security testing
• Continuous container security
• Continuous container security demo

3. Putting It All Together

• Tying it all together
• Managing the results

Conclusion

• Next steps