DevSecOps Masterclass: AppSec Automation Edition (Virtual)

NOTE: This course will be offered virtually via Zoom DevOps has changed the way we deliver apps. However, security remains a serious bottleneck, especially Application Security. This is largely due to the speed of innovation in DevOps, contrasted with the escalating attacks against Applications. This training takes a comprehensive, focused and practical approach at implementing DevSecOps Practices with a focus on Application Security Automation. The training is based on our 4.9/5 Rated DevSecOps Masterclass at Blackhat. The training is a hardcore hands-on journey into: Hands-on SAST for Apps and Infrastructure-as-Code, with a focus on Semgrep and CodeQL. Develop Custom SAST rules like a bawse! Supply-Chain Security Automation: SBOMs, Source Composition Analysis and Security Engineering techniques Assurance and Provenance for artifacts. Mastery over Cosign and SLSA for Supply-Chain Provenance DAST Automation and Security Regressions with ZAP and Nuclei. Policy-As-Code: Leverage Open Policy Agent (OPA) with use-cases from API Access Control to OS Policy Controls. Participants get a 2 month access to our online lab environment for DevSecOps training