We invite you to the free Webinar: Continuous Security testing empowered by SAST / DAST / IAST / RASP.
Continuous Security testing is becoming more and more a key factor for success. Especially if we consider that the development and release process is speeding up enormously. Just imagine that your potential shippable product is going to production with a huge vulnerability or a back door open. The damage to your company and bad reputation would be even not measurable.
So how can we avoid this? How can we build- security -in? Let's leave the stone age behind, break down the security silo and implement DevSecOps.
During my talk, I will tell you where you can implement and improve security testing. What different kinds of functional and non-function security testing methods are available and what are the low-hanging fruits.
On a high level, I will explain SAST / DAST / IAST / RASP and how your team could implement these methods with examples. Then I will lift it to the next level and show how you can add security testing to your pipeline to get fast feedback to fix the vulnerabilities at a very early stage (shift left). By showing where to implement security tests in your software development lifecycle, I will explain where it makes sense to have security as a deep skill part of your team and go for DevSecOps!
After I increased our transparency of security and showed you how to deal with "the four fists", I will close my talk by presenting the 10 successful steps to DevSecOps.
This webinar will show you:
- The Importance of Security Testing
- That Security Testing is not a rocket science
- That Security is a Whole Team Responsibility
Theoretical knowledge that you will gain:
- What is continuous security testing
- How does a secure pipeline look like
- How to integrate security testing in your DevSecOps team
- What is SAST / DAST / IAST / RAPS
- 10 steps to a higher quality by implementing security tests
Practical skills that you will gain after the webinar:
- How to implement continuous security testing
- How to build a "secure pipeline"
Tools that you will get acquainted with:
OWASP ZAP - but only on a high level
Who will be interested:
Whole Agile Team! But focused on testers and security roles
The minimum level of knowledge that a listener should have:
Basic IT Know-How
Speaker:
Matthias Zax works as an agile engineering coach at Raiffeisen Bank International AG (RBI). Originally a trained software developer and “#developerByHeart”, he has focused on testing software specialized on test automation in the DevOps environment since 2018 and organizes the RBI Test Automation Community of Practice.
