Devops Engineer with IT Security

Session17: DevSecOps: Automated Security Testing

Security testing is a vital part of ensuring you deliver a complete, secure solution to your customers. Automating the process can ensure testing is always part of your software delivery workflow, and can help testing keep pace with continuous integration and delivery (CI/CD) pipelines. In this course, James Wickett introduces the core concepts behind application security testing, with hands-on demos of various open-source tools. He explains how security and DevOps fit together, and moves quickly from guidance to practice: setting up an attack lab with GauntIt. He reviews testing strategies for web applications, microservices, and APIs, as well as the specialized needs of CI/CD pipelines. By the end of the course, you’ll have a better understanding of software security testing, as well as a reusable library of tests that you can immediately put into rotation.

0 min.

Learning Objectives:

  • Security and DevOps
  • Automated security testing
  • Running your first automated security test with GauntIt
  • XSS and SQLi attack automation
  • Network testing
  • Security testing in continuous integration/continuous delivery pipelines
James Wickett

James Wickett

Session Instructor

Sr. Security Engineer and Dev Advocate at Verica & Author on DevOps and DevSecOps at LinkedIn Learning

James Wickett is the head of research at Signal Sciences and a supporter of rugged software and DevSecOps.

James is the creator and founder of the Lonestar Application Security Conference, which is the largest annual security conference in Austin, Texas. He also runs DevOpsDays Austin and previously served on the global DevOpsDays board. He also bears several security certifications, including CISSP and GWAPT.

Back to Course

Tanuj

Instructor

Tanuj Chugh, an adept and prominent trainer and speaker have been associated to education sector from many years and have an experience of more than 9 years of live industry projects based on latest technologies like Virtualization, Cloud Computing, AWS, Google Cloud, Azure, Linux & Windows Servers, Network & Security etc. Upholding the responsibilities of delivering in-house and online training to the corporate employees, clients and individuals.

Full Profile

Ready to get started?

Get in touch

Contact Us