From the course: Building an Application Security Program
Understanding AppSec testing
- [Instructor] Now that we've talked about the basics of the development lifecycle and an understanding of business and application security, let's get into testing and how we can build a testing framework and an application security program. Over the years, it's become obvious that security needs to be embedded into the SDLC. What was once a struggle is now something that most organizations understand needs to happen. Having security embedded into the SDLC helps teams discover security issues inside of applications before they escalate into real attacks and production. This quote from HackerOne says, "Security testing is an important step in the SDLC, which can help teams discover security issues and applications before they escalate into damaging attacks and breaches." So let's talk more about application security and talk about some basic principles of how we can build this into the SDLC. When building an application…
Contents
- Understanding AppSec testing (5m 46s)
- Threat modeling (5m 20s)
- Static application security testing (SAST) (3m 14s)
- Dynamic application security testing (DAST) (2m 55s)
- Interactive application security testing (IAST) (2m 29s)
- Static code analysis (SCA) (3m 6s)
- Verification testing (2m 10s)
- Pentesting (2m 50s)
- Red/Blue/Purple testing (3m 32s)
- Monitoring AppSec in production (3m 42s)
- RASP vs. WAF (6m 32s)