From the course: Application Security in DevSecOps

Unlock the full course today

Join today to access over 22,400 courses taught by industry experts or purchase this course individually.

How is application security different?

How is application security different?

From the course: Application Security in DevSecOps

Start my 1-month free trial

How is application security different?

- Let's focus more on application security and how it can work with DevSecOps. There is no silver bullet, so we will talk about several tools and processes. To start, let's look at how old school application security works, and compare it to how it works in the DevOps world. Normally, security is thought of as a separate team, just like the infrastructure and testing were separate teams, security is normally its own function. Typically, when the development team is ready to test, they pass the code to the security team to test and to break, or they send a link to the site that's ready to scan. However it's done, it's a manual and a tedious process. To go with the manual process, the old application security typically involved the sending of documents like PDFs and Excel files for results. Pages and pages and pages of results for developers to read through. Not only did it not promote an agile method of working, it…

Contents