OWASP has a number of flagship projects designed to help us deliver secure applications. OWASP Dependency Check inspects your dependencies for known security vulnerabilities. OWASP ZAP is an attack proxy used to actively probe your application, alongside OWTF (Offensive Web Testing Framework). Finally, we’ll go over the Application Security Verification Series (ASVS) as it applies to your DevOps toolchain, to make sure you know your pipeline and are securing it.
Session Recording: https://www.youtube.com/watch?v=gJmZO-Fy5Q0
Session Slides: https://github.com/BillDinger/ContinuousSecurity