defdev courses
README
secdev courses
Webapps in general
Java
JavaScript
Android
iOS
.NET
C/C++
Testing courses
Security test automation in CI/CD pipelines
Burp for developers
DevSecOps courses
Docker security
AWS security
Control courses
S-SDLC playbook
Assisted code-review lab
Library
Hacking applications
Language specific
Delivery
Main features
Agenda structure
Days and kits
Trainer formations
Course materials
Trainers
Glenn ten Cate
Marek Zachara
Péter Nyilasy
Riccardo ten Cate
Zsombor Kovács
Powered by GitBook
Have an account? Sign in

Security test automation in CI/CD pipelines

Last updated 2 months ago
Edit on GitHub

About the course

Work in progress

Overview

XOX

Properties

title: Security test automation in CI/CD pipelines

audience: XOX

duration: 1 day (6hrs education time)

developed by: Riccardo ten Cate

Prerequisites

XOX

Agenda

  • Security test automation

    • Introduction to Docker

    • Containerize the security tooling

    • Setting up a docker registry

    • Introduction into CI tools

    • Setting up a scripted pipe-line

    • Security test automation philosophy

    • How to pick the right tools for the right job

    • Integrating the tools into the CI pipe-line

  • Code quality testing

    • Introduction to Sonarqube

    • Check for dead end code

    • Check for repudiated code

    • Check for over-complex code

  • Handling metric results on large scale

    • Introduction to the vulnerability management tools (VMT)

    • Delta reporting with the VMT

    • False positive suppression with the VMT

    • Learn to read and understand the tooling metrics

    • Learn how to do active verification on the metrics

  • Iteration and optimization of the pipeline

    • Kubernetes introduction

    • Optimize the pipe-line with Kubernetes

  • Intro to Behaviour-Driven Development, BDD-type testing

    • Calabash introduction

Trainers

secdev courses - Previous
C/C++
Next - Testing courses
Burp for developers
Contents
About the courseOverviewPropertiesPrerequisitesAgendaTrainers