DevSecOps: Adding Security Testing Tools to Pipelines
Automated security testing can be daunting to start with. This course will teach you which tools you can easily implement into your existing CI/CD pipelines and what results can be expected with each tool.
You want to start implementing automated security tests into your existing CI/CD pipelines. In this course, DevSecOps: Adding Security Testing Tools to Pipelines, you’ll learn to select the right tool for the right job. First, you’ll explore several tools that can detect secrets. Next, you’ll discover how to add static and dynamic application security testing tools to pipelines. Finally, you’ll learn how to perform software composition analysis. When you’re finished with this course, you’ll have the skills and knowledge needed to properly implement automated security testing into pipelines: from automatically detecting secrets in your source code all the way to running scans against a running application.
Author Name: Peter Mosmans
Author Description:
Peter started out in the nineties as a software engineer working on internet banking applications for various European financial institutions. After developing, he moved to the role of defending and designing systems and networks for high-availability websites. Since 2004 he has specialized in breaking: pentesting complex and feature-rich web applications. Currently he leads a global team of highly skilled penetration testers as lead pentester. He is a contributor to several open-source penet…
Table of Contents
- Course Overview (1min)
- Initializing the Setup for Automated Security Testing (20mins)
- Detecting Secrets in Code (15mins)
- Performing Dockerfile Linting using Hadolint (7mins)
- Performing Static Application Security Testing Using njsscan (6mins)
- Performing Static Application Security Testing Using SonarQube (13mins)
- Performing Software Composition Analysis Using OWASP Dependency-Check (9mins)
- Detecting Vulnerabilities in Third-party Libraries Using Software Bill of Materials and OWASP Dependency-Track (14mins)
- Detecting Vulnerabilities in Images Using Trivy (6mins)
- Performing Dynamic Application Security Testing Using OWASP ZAP (8mins)
- Performing Dynamic Application Security Testing Using Nikto (6mins)
- Performing Full Automated Security Testing in a Pipeline (9mins)