Automated Security Scanning for Your Delivery Pipeline

Matthew Grasberger

[video: width:300 height:200 align:right]

Agile development and DevOps depend on an automated pipeline to build, test, and deploy code quickly. Security is all too often viewed as a manual task that is too difficult to automate and something to be left for later—not a good decision! Matt Grasberger says that, by leveraging automated security scans with open source scanners, you can reduce the risk of security vulnerabilities, get the most out of your pipeline, and increase software quality. Matt thoroughly explains and demonstrates several ways to implement automated security scans. Discover how to quickly test endpoints against SQL injection with sqlmap, an open source penetration test tool. Explore how you can identify common vulnerabilities with OWASP ZAP, an open source web application scanner with scripting capabilities. See how you can apply these free or low-cost tools to introduce baseline security scanning into your DevOps pipeline.

About the Presenter

Matthew Grasberger is an Associate Consultant at Coveros with a specialty in Test Automation, DevOps Engineering, and Security Automation. Matt has worked with clients to build and develop robust test automation suites that are integrated into DevOps pipelines based on industry leading practices. In addition, Matt has leveraged open source mobile testing frameworks like Appium to create automated tests for Android and iOS devices.

Upcoming Events

Sep 22
Oct 13
Apr 27