automation3-1

Training Overview

Scalable and comprehensive application security is an essential requirement for any product, especially within mature software delivery environments utilising DevOps practices. However, incorporating robust and resilient application security practices within a continuous delivery pipeline can be challenging.

 

What attendees will learn?

This training addresses these challenges and more, and is focused towards enabling and delivering application security at scale to organisations. This is a largely hands-on program, with a plethora of anecdotes, examples and real-world case studies. This gives the participants a comprehensive view of implementing practical DevSecOps and application security automation practices within their organisations. In fact, most of the participants have reported that they were able to use learnings from this training almost immediately.

The best part of the training was being able to see automation implemented in a single pipeline

- Neha Malick, ANZ

I found it really enjoyable because there was a lot of new information that we probably wouldn’t have come across in our organisations. It will be to very useful to see how we can implement all the information Abhay has given us to improve our processes and DevSecOps pipeline. And it was really good to see it done in a light-weight and fast manner to keep up with the demands of the agile development. Abhay was really patient with all our questions. I learnt a lot.

Really worthwhile attending

- Peter van Oosterom, Zimbani Pty Ltd

It was a really good show. Very comprehensive covering everything from automation build pipeline to how to do threat modelling in a different way, which has actually resonated well with a lot of the work I do with dev teams today.

This class really opened my eyes in terms of security automation and testing

- Liou Liu, MLC Life Insurance

This training showed me the different ways in which different elements like threat modelling and automation testing go together. The class opened my eyes in terms of what is coming to security automation in the next 2-3 years. I think application of automation is very important with everything moving so fast. I'm going to learn and implement what I learnt from this class.

we45 - An AppSec Training Leader

Our DevSecOps and AppSec Automation training is a regular feature at marquee application security conferences across the world. Below is a snapshot of past and future trainings undertaken by we45.

Frequently Asked Questions

Who is this training for?

This program is focused towards delivering application security at scale to organisations. It is therefore aimed at product teams who wish to automate their application security testing to keep pace with product releases in an agile environment.

Does this training program require prior or current usage of any specific tools or platforms?

No. But the course does introduce concepts of DAST, SAST, SCA and Correlation platforms in conjunction with standard engineering platforms such as Jenkins and JIRA which are easier to digest with prior exposure.

Contact Us For a Detailed Course Agenda

Additional Resources

ezgif.com-crop

How to : Automating Burp With Jenkins

This blog outlines the steps involved in integrating one of the most prominent DAST tools Burp with Jenkins.

three pillars of DevSecOps

The Three Pillars Of DevSecOps

 Understand our perspective on what it takes to successfully implement DevSecOps in an organisation.

ezgif.com-resize

7 Myths of AppSec Automation

Here is our compilation of common misconceptions aimed at anyone either currently involved in or in the process of adopting DevSecOps in the near future.