From the course: Application Security in DevSecOps
Continuous library security testing
- [Narrator] Open source libraries are parts of the application that are written outside of the development process, and usually are downloaded from the internet. They are used in pretty much any modern application. It saves developers from having to write the same code over and over again but it presents a security issue, since the coding and securing of the component is out of our control. Open source library security is talked about everywhere today. Many products focus on it and for good reason. There are lots of vulnerabilities out there for open source software. For an easy example, look at the Java stress vulnerability. That's an open source library that had a defect and had major ramifications. This area of security is important enough that it's landed its own spot on the OWASP Top 10. This can be a difficult area for security, because getting the issues fixed isn't always the highest priority for…
Contents
- Continuous static testing (4m 20s)
- Continuous dynamic testing (4m 15s)
- Interactive application security testing (4m 29s)
- Continuous secret scanning (3m 41s)
- Continuous library security testing (3m 45s)
- Continuous container security (2m 41s)
- Continuous container security demo (2m 27s)