In the wake of events such as the Solarwinds breach, there has been a lot of misinformation about the role of open source in DevSecOps. GitLab believes everyone benefits when everyone can contribute. Open source plays a key role in how GitLab addresses DevSecOps. We will discuss GitLab's view of the role of open source in DevSecOps including recent contributions to the open source community as well as GitLab's plans for the future.
This segment is sponsored by GitLab. Visit https://securityweekly.com/gitlab to learn more about them!
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw158
More than 96% of software development projects fail across the globe because too many businesses rely on the legacy DevOps process which allows us to run security testing right before going to production. Using the legacy DevOps can lead to a downfall of the project management triangle (Budget, Scope, and Time). However, with more efficient use of dynamic application security testing tools (DAST) in every single stage/sprint, the legacy DevOps can be transformed into DevSecOps, in turn preventing our projects from failing.
This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to learn more about them!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw233
Before you go picking technologies, you have to have a plan. How does one create that plan? Ferruh will focus on some concrete steps to create an AppSec plan using Netsparker's simple framework.
This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to learn more about them!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw209