Application Security Tools for Continuous Testing
There are lots of tools out there to support security testing activities. You’ve probably seen some of the acronyms used to describe them when looking at marketing material or reading about application security - SAST, DAST, IAST, RASP, etc. But the question is always which tools to use where within your testing process. This is particularly important in a DevOps model where continuous testing is used to continuously validate code as it changes. Selecting the wrong tools or using them at the wrong place can impact your delivery process significantly. In this tutorial, Jeffery Payne discusses the various types of security tools available and how they are typically used within a rigorous continuous testing process. Key types of security testing are explained with a focus on where to apply what tooling. Demonstrations are given of various open-source and commercial tools to show how they work and what the pros and cons of each type of security testing is. Learn all about security testing tools during this tutorial. Take home valuable information on what tools fit where in a continuous testing process.