Glue is a free tool from OWASP that can be used to orchestrate your AppSec pipeline. In this video, learn how to use the Glue tool to automate your application security process.
- [Instructor] We have just spent … a lot of time looking at different tools … and using them at the command line level … to run tests against applications. … Now let's look at how all of this ties together. … Just like we want to be out of the UI … if we're running tests, we don't want … to be running manual test from a command line either. … When we are thinking about … the continuous application security process, … it should be seamless. … There shouldn't be any stopping, starting, … reporting, debating, none of the things … we talked about in the old way of security testing. … The process should go from build … all the way to defect reporting and then start over again. … The key to making this work is the process. … The tool's important, but the DevSecOps process … of being integrated into the DevOps team … is the most important. … There are two tools that are useful … to this continuous DevOps process. … The first is Jenkins. … You can't take a DevOps course without reference … to this tool. …
- What is DevSecOps?
- How application security is different with DevSecOps
- Continuous static and dynamic testing
- Continuously scanning to prevent leaking secrets
- Continuous container security
- Pulling security tools together with the Glue tool