Webinar: Continuous Security testing empowered by SAST / DAST / IAST / RASP

Спікер(-и) події Matthias Zax
Додати у Google Calendar
Опис події

We invite you to the free Webinar: Continuous Security testing empowered by SAST / DAST / IAST / RASP.

Continuous Security testing is becoming more and more a key factor for success. Especially if we consider that the development and release process is speeding up enormously. Just imagine that your potential shippable product is going to production with a huge vulnerability or a back door open. The damage to your company and bad reputation would be even not measurable.

So how can we avoid this? How can we build- security -in? Let's leave the stone age behind, break down the security silo and implement DevSecOps.

During my talk, I will tell you where you can implement and improve security testing. What different kinds of functional and non-function security testing methods are available and what are the low-hanging fruits.

On a high level, I will explain SAST / DAST / IAST / RASP and how your team could implement these methods with examples. Then I will lift it to the next level and show how you can add security testing to your pipeline to get fast feedback to fix the vulnerabilities at a very early stage (shift left). By showing where to implement security tests in your software development lifecycle, I will explain where it makes sense to have security as a deep skill part of your team and go for DevSecOps!

After I increased our transparency of security and showed you how to deal with "the four fists", I will close my talk by presenting the 10 successful steps to DevSecOps.

This webinar will show you:

  • The Importance of Security Testing
  • That Security Testing is not a rocket science
  • That Security is a Whole Team Responsibility

Theoretical knowledge that you will gain:

  • What is continuous security testing
  • How does a secure pipeline look like
  • How to integrate security testing in your DevSecOps team
  • What is SAST / DAST / IAST / RAPS
  • 10 steps to a higher quality by implementing security tests

Practical skills that you will gain after the webinar:

  • How to implement continuous security testing
  • How to build a "secure pipeline"

Tools that you will get acquainted with:

OWASP ZAP - but only on a high level

Who will be interested:

Whole Agile Team! But focused on testers and security roles

The minimum level of knowledge that a listener should have:

Basic IT Know-How

Speaker:

Matthias Zax works as an agile engineering coach at Raiffeisen Bank International AG (RBI). Originally a trained software developer and “#developerByHeart”, he has focused on testing software specialized on test automation in the DevOps environment since 2018 and organizes the RBI Test Automation Community of Practice.

Курси та події

Публікації

Відео