App Security Automation In Continuous Delivery Pipelines

button-icon-arrow-right
button-icon-arrow-left

button-icon-arrow-leftBack

Event

App Security Automation in Continuous Delivery pipelines

15 August 2018

New York

Added 07-Dec-2018

Scalable and Comprehensive Application Security is an essential requirement, especially for DevOps and rapid-release applications. However, most environments today find it challenging to successfully incorporate a robust and resilient Application Security practice into their Continuous Delivery Pipeline.

This session will address different techniques and integration practices that can be used to automate Application Vulnerability Assessments, married with Functional Testing (for Web Services and Single Page Apps) for SAST, DAST and SCA. The session will be replete with demos and case examples with minimal theory coverage only used to support the concept of Application Security Automation.

The talk will delve into:
• Integrating Functional Test Automation and End-to-End Tests with Selenium (multiple implementations), Robot Framework, Nightwatch.js, Chai.js etc. to perform Security Testing
• Performing Automated, Authenticated and Parameterized Vulnerability Assessments against Web Apps and Web Services by leveraging tools like OWASP ZAP and BurpSuite Pro
• Leveraging Functional Test Automation to conduct security testing of Microservices and Serverless applications

Top