Content tagged as 'Dev-Sec-Ops'

Here is a list of all the content that has been tagged as dev-sec-ops.

Workshop - Init Security Titans

Workshop to initialise, train and deploy the Jade Security Champions across the Jade Development Teams.

Talk - Hardening Your Docker Infrastructure

The security defaults of Docker are designed to get you up and running (“just work”) quickly, rather than being the most secure. There are many default configurations that can be improved upon. In this talk Kim will walk through improving the security of Docker hosts, containers, networking and deployments.

Talk - Security Regression Testing on OWASP Zap Node API

The OWASP ZAP HTTP intercepting proxy is useful for manually attacking your Web apps and APIs. Now, we have the official Node API to programatically drive ZAP to regression test our creations. Kim will show you how to build a fully featured security regression testing CLI, consumable by your CI/nightly builds.

purpleteam

Automated security regression testing of your web applications and APIs, no setup required. 1. Write [test conditions](https://f0.holisticinfosecforwebdevelopers.com/chap06.html#process-and-practises-agile-development-and-practices-evil-test-conditions) - convert to [Cucumber](https://cucumber.io/) 2. Provide minimal configuration 3. Consume node CLI package 4. Run single command `purpleteam test` Perfect for your CI/nightly build

Cloud Security

Discussion about Kim's new book on Cloud Security, some of the content, and links to other useful resources around securing your Cloud environments.

Cloud Security - Quick Reference

Are you looking to achieve a good understanding of your responsibilities as well as your CSPs responsibilities to make sure your security stature in the Cloud is where you need it to be? Do you need the technical direction required to create your secure Cloud environment? You can think of this book as your technical Cloud consultant.

Docker Security

Discussion about Kim's new [book on Docker Security](/publication/docker-security/), some of the content, and links to other useful resources around securing your Docker deployments.

Development Team Security Teardown $995NZ + GST

We can provide insight into potential issues/defects that are not obvious with your Development Team(s): • Development Process • System Being Developed Our Teardown can provide the needed visibility in order to make the improvements.

Workshop - Building Security Into Your Development Teams

Kim's flagship Software Developer focussed training, this time at OWASP New Zealand Day conference.

Docker Security - Quick Reference

Are you looking to improve the security of your Docker deployments? Do you want to confirm you haven't missed any important security aspects in your Docker infrastructure?