From the course: DevOps Foundations: Continuous Delivery/Continuous Integration

Security testing in action with Gauntlt

- [Instructor] Let's talk about a really fun part of continuous delivery, security testing. I love this topic, but it's often overlooked. There are a bunch of ways you can get started with this, but let's start by discussing how security fits into the overall picture. There are two main categories of security testing that work well for a delivery pipeline. The security industry is full of acronyms, and lots of fun ones like SAST and DAST to describe how this concept works, and even runtime variations like RASP and IS, but let's just break this down into two categories, static and dynamic. We're going to look at a dynamic security approach and then a static testing approach. Dynamic security testing differs from our other testing in that you run it against a deployed and running application. Let's look at some of the pros and cons here. In dynamic testing, you don't really assert anything other than statements like this form…
