Dynamic Application Security Testing (DAST) also called Black Box Testing is a testing practice that will test the application by executing your web application. As we know, In SAST, a Web application will be tested inside the application which doesn’t even require that the application should be running. So, when we do Dynamic Analysis, we […]
DevSecOps – Dynamic Analysis DAST with OWASP ZAP and Jenkins. Read More »
As part of the DevSecOps implementation in the CICD pipeline, Scanning the Source code and performing Static Analysis SAST is important. SAST is basically Whitebox testing which will be performed on source code. This will help in finding very important vulnerabilities in the source code. Specifically, vulnerabilities defined by OWASP Top 10 should be mitigated.
DevSecOps – Static Analysis SAST with Jenkins Pipeline. Read More »
DevOps is fine! Now we got to include the security in the DevOps process. Hence we got DevSecOps. We talked about DevSecOps a lot. But If you want to become an expert in DevSecOps, you need a Road Map to learn. As part of the Road Map to DevSecOps, this is part -1, talking about
Secure SDLC (S-SDLC) – DevSecOps Road Map – Part -1. Read More »
OWASP ZAP (Zad Attack Proxy) is an opensource Dynamic Application Security Testing (DAST) tool. This will be sitting between web application and end-user and help to identify security vulnerabilities in web application design and architecture. As the name goes, this is Open Web Application Security Project (OWASP) projects. ZAP is one of the successful proxy
OWASP ZAP – Zad Attack Proxy and its Features Read More »
As part of the current Software application development approach, Security is one of the concerns we should take as serious. The Internet is growing with threats. We must secure our application from those threats in all the possible ways. If we have some structured approach like DevOps for Software development, it will be easy to
Approaches to Automate Security Testing in CICD Pipelines Read More »
What Is DevSecOps? DevSecOps is a practice that combines principles of DevOps and IT security to ensure faster and quality delivery along with secured software product. Before getting into this, Let’s recollect the terms and words. Recollect DevOps. DevOps, Is a practice that combines Software Development and IT operations to quickly deliver new features, bug
Introduction to DevSecOps Read More »
Enroll Now for AWS Certified DevOps Engineer Training By Edureka and increase your chances to get hired by Top Tech Companies
Enroll Now for Google Cloud Certification Training – Cloud Architect By Edureka and increase your chances to get hired by Top Tech Companies
Enroll Now for Big Data Hadoop Certification Training By Edureka and increase your chances to get hired by Top Tech Companies
Enroll Now for ITIL Foundation Certification Training By Edureka and increase your chances to get hired by Top Tech Companies
