Implementing and Managing OWASP ZAP for DevSecOps
|
This course will teach you how to incorporate OWASP ZAP into a DevSecOps pipeline, while walking through the advantages of this automated setup and how to get results out in a productive way to take action on.
Most development teams work in an agile methodology. Having to stop to wait on security scans, or pushing these DAST tools on developers, devops, or QA analysts to run has proven to be inadequate. In this course, Implementing and Managing OWASP ZAP for DevSecOps, you’ll learn how to automate a tool like OWASP ZAP to meet the needs of the business. First, you’ll explore how security and devops have come together. Next, you’ll discover how to setup a headless ZAP instance. Finally, you’ll learn how to run scans and return results in a way that will benefit all teams. When you’re finished with this course, you’ll have the skills and knowledge of automating OWASP ZAP scans needed to implement security into the DevSecOps pipelines.
Author Name: Mike Woolard
Author Description:
Mike is an information security manager who has worked in the IT and Information Security fields for 22+ years. A broad background from helpdesk to sysadmin, system engineer, networking, DB and development work. Most of Mike’s work now centers around pentests and risk assessments, but an integral part will always be awareness training. An active member in various local security groups, Mike volunteers, speaks, or attends various information security cons.
User Reviews
Be the first to review “Implementing and Managing OWASP ZAP for DevSecOps”
Related Products
Windows 11 Troubleshooting: Virus and Malware
When malware strikes a Windows 11 PC the results can often be disastrous. In this course, you'll explore the processes required to isolate a PC, and dive into the places where malware likes to hide.
IT Security Champion: Zero Trust
This course will teach you what Zero Trust is, the key tenets of Zero Trust, and a common use case to deploy it. The marketing fluff will be left aside, leaving you empowered to champion Zero Trust to your team.
Developer Security Champion: Vulnerability Testing
Many security weaknesses in software can be detected more or less automatically. This course will teach you vulnerability testing.
Shift Left, Shift Right: The DevSecOps Hokey Pokey
Garrett Gross, a Rapid7 Technical Advisor for Application Security, and Alyssa Miller, a Snyk Application Security advocate, come together to share how application security is evolving.
Exam Review Tips and Tricks for CySA+
Achieving a passing score on the CySA+ exam requires knowledge, experience, and preparation. This course will teach you the steps to be successful for the CySA+ exam.
Implementing Service Provider Security and Application Control
When network engineers think of cyber security, they often think of firewalls, intrusion prevention systems, and host-based security systems. Alternatively, service provider security introduces an entirely new set of tools and operating processes.
There are no reviews yet.