Szczegóły ebooka

Implementing DevSecOps Practices. Understand application security testing and secure coding by integrating SAST and DAST

Implementing DevSecOps Practices. Understand application security testing and secure coding by integrating SAST and DAST

Vandana Verma Sehgal

Ebook
DevSecOps is built on the idea that everyone is responsible for security, with the goal of safely distributing security decisions at speed and scale to those who hold the highest level of context. This practice of integrating security into every stage of the development process helps improve both the security and overall quality of the software. This book will help you get to grips with DevSecOps and show you how to implement it, starting with a brief introduction to DevOps, DevSecOps, and their underlying principles.

After understanding the principles, you'll dig deeper into different topics concerning application security and secure coding before learning about the secure development lifecycle and how to perform threat modeling properly. You’ll also explore a range of tools available for these tasks, as well as best practices for developing secure code and embedding security and policy into your application. Finally, you'll look at automation and infrastructure security with a focus on continuous security testing, infrastructure as code (IaC), protecting DevOps tools, and learning about the software supply chain.

By the end of this book, you’ll know how to apply application security, safe coding, and DevSecOps practices in your development pipeline to create robust security protocols.
  • 1. Introducing DevSecOps
  • 2. DevSecOps Principles
  • 3. Understanding the Security Posture
  • 4. Understanding Observability
  • 5. Understanding Chaos Engineering
  • 6. Continuous Integration and Continuous Deployment
  • 7. Threat Modeling
  • 8. Software Composition Analysis (SCA)
  • 9. Static Application Security Testing (SAST)
  • 10. Infrastructure-as-Code (IaC) Scanning
  • 11. Dynamic Application Security Testing (DAST)
  • 12. Setting Up a DevSecOps Program with Open Source Tools
  • 13. Licenses Compliance, Code Coverage, and Baseline Policies
  • 14. Setting Up a Security Champions Program
  • 15. Case Studies
  • 16. Conclusion
  • Tytuł: Implementing DevSecOps Practices. Understand application security testing and secure coding by integrating SAST and DAST
  • Autor: Vandana Verma Sehgal
  • Tytuł oryginału: Implementing DevSecOps Practices. Understand application security testing and secure coding by integrating SAST and DAST
  • ISBN: 9781803234434, 9781803234434
  • Data wydania: 2023-12-22
  • Format: Ebook
  • Identyfikator pozycji: e_3pua
  • Wydawca: Packt Publishing