Performing DevSecOps Automated Security Testing
This course will show you how to perform automated security testing. It will demonstrate how to use security testing tools in an continuous integration pipeline.
What you'll learn
Security testing is a vital part of any organization. In this course, Performing DevSecOps Automated Security Testing, you will gain the ability to perform automated security tests. First, you will learn how to implement automated security scanning of code. Then, you will perform security testing of containers. Finally, you will explore how to perform automated security tests of applications and infrastructure. When you are finished with this course, you will have the skills and knowledge of performing automated security tests needed to implement in a continuous integration environment.
Table of contents
- Introduction 2m
- Linting Code 4m
- Demo: Linting a Dockerfile 5m
- Workflow and Conclusion of Using Linters 2m
- Detecting Secrets in Code 3m
- Demo: Detecting Existing Secrets in Code 5m
- Demo: Preventing Secrets from Being Committed 6m
- Demo: Detecting New Secrets during Automated Security Testing 6m
- Workflow and Conclusion of Detecting Secrets 3m
- Using Code Quality Systems 3m
- Demo: Installing a Code Quality Metrics System 6m
- Demo: Analyzing Code during Automated Builds Using SonarQube 6m
- Workflow and Conclusion of Code Quality Metrics Systems 3m
- Module Summary 1m
About the author
Peter started out in the nineties as software engineer working on internet banking applications for various European financial institutions. After developing, he moved to the role of defending and designing systems and networks for high-availability websites. Since 2004 he started specializing in breaking: pentesting complex and feature-rich web applications. Currently he leads a global team of highly skilled penetration testers as lead pentester. He is a contributor to several open-source penet... more