Continuous testing means testing an application continuously throughout the software life cycle. It’s a critical part of CI/CD and—like any other part—should be automated.
A DevSecOps lab gives you valuable hands-on experience with the tools and technologies you need to evaluate. Thanks to the cloud, it’s cheap to create one.
Posted in Agile, CI/CD & DevOps | Comments Off on Using the cloud as a cheap DevSecOps lab environment
In our DevSecOps webinar, we discuss how to close the gap between DevOps and security with a risk-based adaptive pipeline.
AppSec tools are essential to creating secure applications and preventing data breach. But how do you integrate them effectively into your DevOps workflow?
Posted in Agile, CI/CD & DevOps | Comments Off on What AppSec tools are in your DevOps toolshed?
Having the right application security toolchain is the most effective way to build security in, which is critical to securing modern apps against attacks.
The DevOps / security relationship is often tense—but does it have to be? At RSA 2019, Tanya Janca explained how teams can play nice, and why they ought to.
Posted in Agile, CI/CD & DevOps | Comments Off on Tanya Janca at RSA on better AppSec: Play nice with DevOps
SCA tools are an essential part of your AppSec toolkit, because free and open source software—just like free puppies—comes with hidden costs and risks.
Organizations are starting to shift left to save time and money. But it’s critical they choose the right application security tools to support developers.
Posted in Agile, CI/CD & DevOps | Comments Off on How to “shift left” with application security tools, and how not to
Hacking Security is a monthly podcast on emerging trends in application security. In Episode 4, secure development expert Meera Rao discusses DevSecOps.