defdeveu courses
Search…
README
secdev courses
Java
JavaScript
Android
iOS
.NET
C/C++
Webapps in general
Testing courses
Mobile testing automation
Security test automation in CI/CD pipelines
Burp for developers
DevSecOps courses
Docker security
AWS security
Control courses
Security champions boot
Assisted code-review lab
Practical personal cybersec for security auditors
S-SDLC playbook
Library
Mobile security baseline
Hacking applications
Language specific
Delivery
Main features
Agenda structure
Days and kits
Trainer formations
Course materials
Trainers
Glenn ten Cate
Zsombor Kovács
Davide Cioccia
Péter Nyilasy
Marek Zachara
Riccardo ten Cate
Timur Khrotko
Powered By
GitBook
Security test automation in CI/CD pipelines
About the workshop
Properties
title:
Security test automation in CI/CD pipelines
duration
: 1 day (6hrs education time)
developed by:
Riccardo ten Cate
Related courses
Docker security
Mobile testing automation
Agenda
Security test automation
Introduction to Docker
Containerize the security tooling
Setting up a docker registry
Introduction into CI tools
Setting up a scripted pipe-line
Security test automation philosophy
How to pick the right tools for the right job
Integrating the tools into the CI pipe-line
Code quality testing
Introduction to Sonarqube
Check for dead end code
Check for repudiated code
Check for over-complex code
Handling metric results on large scale
Introduction to the vulnerability management tools (VMT)
Delta reporting with the VMT
False positive suppression with the VMT
Learn to read and understand the tooling metrics
Learn how to do active verification on the metrics
Iteration and optimization of the pipeline
Kubernetes introduction
Optimize the pipe-line with Kubernetes
Intro to Behaviour-Driven Development, BDD-type testing
Calabash introduction
Trainers
Riccardo ten Cate
Testing courses - Previous
Mobile testing automation
Next - Testing courses
Burp for developers
Last modified
3yr ago
Copy link
Contents
About the workshop
Properties
Related courses
Agenda
Trainers