Join industry expert Abhay Bhargav as he shares invaluable insights on navigating DevSecOps initiatives successfully. Learn about the four critical factors that can make or break your project.
Discover how to choose the right projects, strike a balance with security testing, set realistic expectations, and prioritize training. Don't miss this essential guide to DevSecOps success.
Dive into hands-on courses on AppSecEngineer and amplify your skills in DevSecOps and security automation today!
Injection vulnerabilities are some of the most pernicious and critical vulnerabilities used to attack web applications and their servers. In this video, AppSecEngineer instructor Abhay Bhargav answers the question: "What is a server-side template injection?"
In a server-side template injection, user data "intermingles with the templating system and is treated as executable code by it." Injection flaws arise when user data is not separated from executable code.
He even takes you through a detailed explanation using a hands-on lab from one of our courses!
Check out the course here: https://appsecengineer.com/product/injections-xxe-insecure-deserialization/
▬ Contents of this video ▬▬▬▬▬▬▬▬▬▬
0:00 - Intro
0:53 - What are Injection flaws?
1:45 - Example of template Injection
2:15 - What is Server-Side Template Injection?
2:54 - Impact of Server-side Template Injection (SSTI)
4:20 - Interactive Appsec Lab
4:39 - Using Pug (templating system)
6:38 - Tplmap tool usage
----------
AppSecEngineer is a powerful training platform that delivers amazing hands-on training on #AppSec, AWS Security, Cloud Security, Kubernetes, Container Security and Advanced Application Security.
#AppSecEngineer is ideal for job seekers, knowledge seekers and companies that want to get their workforce equipped to handle real-world security issues with their newly minted and highly educated AppSec Engineers.
Learn more about our AppSec courses: https://appsecengineer.com/application-security-courses/
Twitter: https://twitter.com/AppSecEngineer
Linkedin: https://www.linkedin.com/company/appsecengineer/
...
https://www.youtube.com/watch?v=-DsPlEG33EE
This video will guide you to assign courses to your team or individual users using your AppSecEngineer Admin Dashboard.
#appsecengineer #dashboard #howto
...
https://www.youtube.com/watch?v=gljDGk7jGis
"GitHub Actions has emerged as one of the top pieces of tech in the DevOps and CI/CD scene." - That's AppSecEngineer instructor Abhay Bhargav talking about GitHub Actions, a tool rapidly gaining popularity among product teams around the globe.
In this video, you'll be looking at:
- How to trigger #SAST workflows with #GitHubActions
- How to use GitHub to consume different types of reports from #SASTtools
- How to work with SARIF file format
Check out the full video for an in-depth look at GitHub Actions and how it can play a central role in your #DevSecOps workflow.
-----------
Chapters
0:00 Pre-Start Intro
01:06 Intro
01:31 Create GitHub project
02:01 Creating GitHub repository
05:32 Using Semgrep
07:03 Leveraging static analysis workflow with GitHub Actions
07:43 Code scanning insights in GitHub repository
08:20 Using SARIF capabilities of GitHub Actions
12:49 Run the static analysis
Learn more about DevSecOps at:
https://appsecengineer.com/courses/github-actions-for-devsecops/
Twitter:
https://twitter.com/AppSecEngineer
Linkedin:
https://www.linkedin.com/company/appsecengineer/
...
https://www.youtube.com/watch?v=by25ZKJ6ENU
Watch full video here: https://youtu.be/5gEb73Qdbkk
The world is rapidly embracing AI-driven applications, with many built atop Large Language Models (LLMs). As a security professional, you have a unique chance to assess, test, and securely architect these applications. This presents an ongoing opportunity with significant implications, particularly for companies and startups venturing into AI-driven app development.
Embrace this opportunity with diligence, as it holds considerable weight in the evolving landscape of security and AI.
Stay ahead of the curve and explore the intersection of security and AI.
AppSecEngineer For Businesses: https://www.appsecengineer.com/business-pricing
AppSecEngineer For Individuals: https://www.appsecengineer.com/main-menu-pages/pricing
OWASP Top 10 LLM - https://owasp.org/www-project-top-10-for-large-language-model-applications/
#cybersecurityawarenessmonth #secureourworld
#AI #aisecurity #appsec #applicationsecurity #infosec #Security #securitytraining #training #handsonlearning #devsecops #Kubernetes #containers #threatmodelling #cloudsecurity #aws #azure #gcp #offensivesecurity #redteam #blueteam #purpleteam #cybersecurity #infosec #infosectraining #skillgap #upskill #artificialintelligence #aiinsecurity
...
https://www.youtube.com/watch?v=Bw0o1Bz1g_8
As a Fintech platform provider, Mr Naren NS from Verisk Financial is our go-to guy for understanding the critical role of security in the Banking and Financial sector across the globe. This is an interesting conversation about the core security principles used in the Fintech industry, and how security practices in the Banking sector have evolved over time and across geographies.
Main content:
- Insights into the key security threats, compliance and vulnerabilities faced by the industry players.
- Insights into the significant role played by AppSec in the financial industry and how it has transitioned over the decade.
- Need of the hour in security assessment and implementation and, most importantly, what customers require from a Fintech platform.
- Current scenario of awareness and importance of security.
▬ Contents of this video ▬▬▬▬▬▬▬▬▬▬
0:00 - Intro
2:58 - Evolution of Fintech security in last decade
7:35 - Changing landscape of Application Security
16:01 - Adding technology and related security risks
38:40 - Changing expectations of customers
Learn more about application security and DevSecOps at https://appsecengineer.com/
Learn more about Verisk Financial at https://www.verisk.com/financial/
#Fintech #applicationsecurity #infosec #AppSecEngineer
...
https://www.youtube.com/watch?v=sOcioeDw5mw
Register here - https://www.blackhat.com/us-23/training/schedule/index.html#devsecops-masterclass--edition-30542
This training takes a comprehensive, focused and practical approach to implementing DevSecOps Practices with a focus on Application Security Automation. The training is a glued-to-your-keyboard hands-on journey with labs that are backed by practical examples of DevSecOps and AppSec Automation.
KEY TAKEAWAYS
* Updated, yet battle-tested Application Security Automation Techniques + Practical Security Pipelines, with both conventional and unconventional techniques. Picked from real-world implementations and indicative of modern application development and deployment environments. Students will be able to **use** this knowledge and tools as soon as they are done with the class.
* Cookbook-style cloud security automation coverage of AWS and Azure gives participants an in-depth perspective of security automation on the cloud for multiple cloud stacks and environments. Cookbook-style narratives focus on stories, which are great for people to understand
* Comprehensive Container Security coverage including Kubernetes Security, which is critical, as organizations typically need to use Container Orchestration and security is a key aspect of orchestrating containers.
WHO SHOULD TAKE THIS COURSE
* Application Security Engineers
* DevOps Professionals
* Security Engineers
* Security Managers who are trying to understand how they should implement Security for DevOps
* Developers
* Security Architect
#appsec #appsecengineer #blackhat #blackhatusa #blackhatusa2023 #devsecops
#devops #security #applicationsecurity
...
https://www.youtube.com/watch?v=D1OY3RhW_ak
What questions are you asking to get that Security Dream Team?
In this video, we dive into a pressing challenge faced by CISOs when assembling a security dream team. Did you know there is a shortage of 3.12 million skilled cybersecurity professionals worldwide, according to the ISC² Cybersecurity Workforce Study? That's a staggering number! The scarcity of talent creates fierce competition, making it difficult for CISOs to find the right individuals for their dream team.
But here's the good news: the solution lies in investing in in-house skill development. By nurturing and upskilling your existing workforce, you can build a strong and loyal team tailored to your organization's needs. Join us as we explore the benefits of in-house skill development and how it can lead to improved job satisfaction, increased retention, and institutional knowledge. It's time to unlock the potential of your team and establish a resilient and effective security function. Comment below and let us know your experiences with training programs, and don't forget to check out the link in the description for the full-stack, cutting-edge training solution that can transform your team's skills and elevate your security posture. Invest in your people and build the dream team you've always envisioned.
Start creating your DreamTeam here: https://www.appsecengineer.com/main-menu-pages/teams
#CISODreamteam #ciso #cto #appsec #skillsgap #appsecengineer #applicationsecurity #infosec #informationsecuritytraining
...
https://www.youtube.com/watch?v=mmHHRRw2zU8
In this video (Part 1 of 2), discover the Six Core Principles of Zero Trust Security that can redefine your security approach.
Dive even deeper into the world of cybersecurity with our Zero Trust Security Handbook. It's your comprehensive guide to mastering the art of Zero Trust.
Get the Handbook: https://www.appsecengineer.com/e-books/the-zero-trust-security-handbook
#CorePrinciples #SecureYourNetwork #appsec #applicationsecurity #infosec #Security #securitytraining #training #handsonlearning
...
https://www.youtube.com/watch?v=EZ-RVAnvex0