Application security is different with DevSecOps. In this video, get an understanding of how AppSec has to change.
- Let's focus more on application security … and how it can work with DevSecOps. … There is no silver bullet, so we will talk … about several tools and processes. … To start, let's look at how old school … application security works, and compare it … to how it works in the DevOps world. … Normally, security is thought of as a separate team, … just like the infrastructure and testing … were separate teams, security is normally … its own function. … Typically, when the development team is ready to test, … they pass the code to the security team to test … and to break, or they send a link to the site … that's ready to scan. … However it's done, it's a manual and a tedious process. … To go with the manual process, the old application security … typically involved the sending of documents … like PDFs and Excel files for results. … Pages and pages and pages of results … for developers to read through. … Not only did it not promote an agile method of working, … it frustrated many developers with the time needed …
- What is DevSecOps?
- How application security is different with DevSecOps
- Continuous static and dynamic testing
- Continuously scanning to prevent leaking secrets
- Continuous container security
- Pulling security tools together with the Glue tool