https://r0tbyt3.dev/tags/devsecops/Recent content in Devsecops on Jesus OsegueraHugoen-ushttps://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/ci-cd/devsecops/api-security/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/ci-cd/devsecops/api-security/API Security API Security - securing APIs in CI/CD pipelines through authentication, rate limiting, input validation, and automated scanning. Related Links: Arachni Dynamic application security testing (DAST) Nikto Pipeline Security Shift Left Security Software composition analysis (SCA) Static application security testing (SAST) W3afhttps://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/ci-cd/devsecops/arachni/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/ci-cd/devsecops/arachni/Arachni Arachni - open-source web application security scanner used for automated vulnerability discovery. Related Links: API Security Dynamic application security testing (DAST) Nikto Pipeline Security Shift Left Security Software composition analysis (SCA) Static application security testing (SAST) W3afhttps://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/ci-cd/devsecops/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/ci-cd/devsecops/DevSecOps DevSecOps - integrating security into every phase of the CI/CD pipeline through automated testing and tooling. API Security Arachni Dynamic application security testing (DAST) Nikto Pipeline Security Shift Left Security Software composition analysis (SCA) Static application security testing (SAST) W3af Related Links: DevOps Fundamentals Pipeline and Deliveryhttps://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/ci-cd/devsecops/dynamic-application-security-testing-dast/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/ci-cd/devsecops/dynamic-application-security-testing-dast/Dynamic application security testing (DAST) DAST - testing running applications by simulating attacks to find runtime vulnerabilities in a live environment. Related Links: API Security Arachni Nikto Pipeline Security Shift Left Security Software composition analysis (SCA) Static application security testing (SAST) W3afhttps://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/ci-cd/devsecops/nikto/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/ci-cd/devsecops/nikto/Nikto Nikto - open-source web server scanner that detects dangerous files, outdated software, and server misconfigurations. Related Links: API Security Arachni Dynamic application security testing (DAST) Pipeline Security Shift Left Security Software composition analysis (SCA) Static application security testing (SAST) W3afhttps://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/ci-cd/devsecops/pipeline-security/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/ci-cd/devsecops/pipeline-security/Pipeline Security Pipeline Security - securing the CI/CD supply chain through secret management, artifact signing, and dependency scanning. Related Links: API Security Arachni Dynamic application security testing (DAST) Nikto Shift Left Security Software composition analysis (SCA) Static application security testing (SAST) W3afhttps://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/ci-cd/devsecops/shift-left-security/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/ci-cd/devsecops/shift-left-security/Shift Left Security Shift Left Security - embedding security checks early in development and CI/CD to catch vulnerabilities before production. Related Links: API Security Arachni Dynamic application security testing (DAST) Nikto Pipeline Security Software composition analysis (SCA) Static application security testing (SAST) W3afhttps://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/ci-cd/devsecops/software-composition-analysis-sca/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/ci-cd/devsecops/software-composition-analysis-sca/Software composition analysis (SCA) SCA - identifying open-source dependencies and known vulnerabilities in application code and third-party libraries. Related Links: API Security Arachni Dynamic application security testing (DAST) Nikto Pipeline Security Shift Left Security Static application security testing (SAST) W3afhttps://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/ci-cd/devsecops/static-application-security-testing-sast/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/ci-cd/devsecops/static-application-security-testing-sast/Static application security testing (SAST) SAST - analyzing source code without execution to detect security vulnerabilities early in the development process. Related Links: API Security Arachni Dynamic application security testing (DAST) Nikto Pipeline Security Shift Left Security Software composition analysis (SCA) W3afhttps://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/ci-cd/devsecops/w3af/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/devops-and-platform-engineering/ci-cd/devsecops/w3af/W3af W3af - open-source web application attack and audit framework for discovering and exploiting web vulnerabilities. Related Links: API Security Arachni Dynamic application security testing (DAST) Nikto Pipeline Security Shift Left Security Software composition analysis (SCA) Static application security testing (SAST)