Automated Security Scanning for Your Delivery Pipeline
Agile development and DevOps depend on an automated pipeline to build, test, and deploy code quickly. Security is all too often viewed as a manual task that is too difficult to automate and is left for later—not a good decision! Matt Grasberger says that by leveraging automated security scans with open source scanners, you can reduce the risk of security vulnerabilities, get the most out of your pipeline, and increase software quality. Matt will thoroughly explain and demonstrate several ways to implement automated security scans. Discover how to quickly test endpoints against SQL injection with sqlmap, an open source penetration test tool, and how to identify common vulnerabilities with OWASP ZAP, an open source web application scanner with scripting capabilities. See how you can apply these free or low-cost tools to introduce baseline security scanning into your DevOps pipeline.