Web App Vulnerabilities - DevSecOps Course for Beginners
HTML-код
- Опубликовано: 30 май 2024
- In this DevSecOps course, you will learn how to take advantage of common web vulnerabilities, how to fix those vulnerabilities, and how to use DevSecOps tools to make sure your applications (and containers) are secure. You will also learn all about DevSecOps.
💻 Get the goof example app shown in this course: github.com/snyk/goof
🎉 Thanks to Snyk for providing a grant that made this course possible.
🔗 Sign up for Snyk: snyk.io/try-devsecops
🔗 Learn more about DevSecOps: learn.snyk.io/
✏️ Beau Carnes developed this course.
✏️ Eric Smalling teaches the last section of the course about securing containers. Eric is a Senior Developer Advocate at Snyk.io and has over 30 years of enterprise application development and consulting experience.
🔗 Eric is @ericsmalling on most social platforms (Twitter, LinkedIn, GitHub)
⭐️ Course Contents ⭐️
⌨️ (00:00:00) Introduction
⌨️ (00:00:29) What is DevSecOps?
⌨️ (00:01:12) Vulnerabilities
⌨️ (00:08:11) DevOps vs DevSecOps
⌨️ (00:14:02) Software Project Iceberg
⌨️ (00:15:25) Importance of DevSecOps
⌨️ (00:17:45) Exploiting Common Web App Vulnerabilities
⌨️ (00:37:53) Finding and Fixing Vulnerabilities with Snyk Code
⌨️ (00:49:01) Exploring Vulnerabilities Using the Snyk Web Interface
⌨️ (00:52:22) Securing Containers (featuring Eric Smalling)
⌨️ (01:28:31) Conclusion
🎉 Thanks to our Champion and Sponsor supporters:
👾 Raymond Odero
👾 Agustín Kussrow
👾 aldo ferretti
👾 Otis Morgan
👾 DeezMaster
--
Learn to code for free and get a developer job: www.freecodecamp.org
Read hundreds of articles on programming: freecodecamp.org/news
because of this channel i started understanding to code and IT in general i started watching and learning by myself and this channel in 2020 (october) almost 4 years and i feel confortable in many areas! if your at your beginning an reading this! keep going its a never ending journey of wisdom! :) thanks baeu u changed my life with youtube tutorials!:)
That youtube channel by all means, is a gift to the programming world and all it’s end users.
I am finding it totally hilarious this went live so close to the Oracle vulnerability.
I understand less then 10% but it's so cool watching these people talk
You rock, Beau. Thanks again. Keep up the great work.
Beau this is good content...please create more appsec | webappsec | devsecops training from you. Thanks for sharing the knowledge
After flirting with the idea of entering this space, I've always felt the need to learn the techniques used to build better solutions. In fact, this is what crippled me when ever given the idea of pursuing development. I know keep it simple and readable, but because of how I think and function I just couldn't let this go to chance. My code needs to be at least somewhat secure or its just going to require rewriting. Can't wait to see what he does next. My guy, I'd love to ask for a path. I generally ask for direction only, but in this case with this much material, I could really use a plan.
Recently took an interview with an unnamed company that I am ecstatic about and also ready to jump into a DevOps role where I would like to bring Security to the forefront.
This man seems so smart. I have followed him to finish a Mern stack project, but he keeps posting new tutorial video. How could he learn so fast ?
The man probably got army of people helping him out, but still he knows tons
Uncle,you and your team is awesome thanks man very good..😙😍
ty 4 making this! wish for a more advanced follow-up to this
Hi, thanks for sharing the knowledge and for this course!
🔥🔥.. that's what I was looking for..
I just started to learning...Thnx a Lot for sharing knowledge...
Thanks for the early Christmas present!
🎄
Awesome as usual 👊😎
I think that web app's security is often ignored when developing an app or introducing new features. I really enjoyed 'exploying vulnerabilities' part of the vide. Thanks for sharing your knowledge.
Thanks for sharing the knowledge and please create more video's or introduce other videos for this course
This is really, good stuff guys.
Very cool. Please create more videos on security
We need more 🔥
Guys, I m QA Automation engineer. I wanted to learn and Shift to DevOps. Could you Please do a video on this and help us ? Too many courses on RUclips
Here is a good DevOps video: ruclips.net/video/j5Zsa_eOXeY/видео.html
Excellent!
You can definitely read my mind!
Thanks, really helpful
nice guys looking fwd to enroll full time dev sec ops
Thanks!
Hoodie up that boy ain’t playing
Is there any react js landing page for business website with basic CSS.
42:53 synk code vulnerability scanner it has red orange yello grey alert colours ,, devops and sdlc pipeline,images runtime and kubernetes defence in depth ,
I'm just starting a MERN full stack but man I'm feeling like code camp is throwing me warp speed into new learning modules.
Please make video on mean stack for 10 to 15 hours.. with multiple big projexts
Excellent video
Where did you get your background? It is nice though
thanks for you video, nice.
What are the prerequisites to learn DevSecOps? Can anyone let me know this?
I'm so confused about what terminal is being used and how to get to the Node.js directory. Can someone point me in the right direction or explain it in leymans terms. Please and Thank you.
All the best
nice backround!
haha Beau using a hood is very convenient for this subject ....
I love this
We need more
Please guide me how to get real time experience on devops without working in a company to get a job
Latest case Log4j vulnerability
I wish every single security related video on youtube didnt involves a hoodie with the hood up
Good but we need full VIDEOS
i'm facing an error running the docker-compose up --build: no matching manifest for linux/arm64/v in the manifest list entries
also:
failed to solve: process "/bin/sh -c npm update" did not complete successfully: exit code: 1
i am having busboy in not a constructor error
Are mobile apps open to these same vulnerabilities?
21st view and 1st comment.
Can we have Android dev videos
Beau looking like a hacker today😂
Watching 0:15
❣️🔥
I think they thought of this after log4j disaster. LoL
Log4j
he got a hoodie, I know I can trust him
Future job title devsecops-ceo-manager-investor-janitor-gardner 😂😂
Hello
i am involved in a problem can any one help me
i want to make a browser i have learnt c++ and C# as a beigner programmer
anyone can guide me how and from where i start to build browser
which things i need to learn. which things are required to make browser
Just for a learning experience or as a product for others to learn? If the second option, you should base it off of Chomium. Most browsers are based on Chomium.
Also you can look at how Firefox is built
@@rosgori THANK YOU SO MUCH
for those who gets ERROR: "[BUG]: Connect 500 TypeError: Busboy is not a constructor" the fix is the folowing:
Steps to solve in Dockerfile
Edit the dependencies object in package.json file.
Replace the following two dependencies to more up to date versions
Before
"express": "4.12.4",
"express-fileupload": "0.0.5",
After
"express": "4.17.1",
"express-fileupload": "1.4.0",
You look like hackerman haha
The most confusing topic for Devops Engineers is DevSecOps, now AI-ML-OPS.hmmm.. I dont know what will be the buzzword for 2024
Hacking, step 1: buy a hoodie and have monitors scan the globe.
very good vul burp nessus zap nikto testing and hedgus waf i choose both of them
Thanks!