[CANCELLED] Owtf: my application is unsecure! Security test automation in DevSecOps


The aim of the workshop is to allow participants to build a CI/CD pipeline that allows to test the security of a web application using Owasp tool OWTF (Offensive Web Testing Framework).

The workshop, starting from the basic concepts of penetration testing, shows how to install and configure Owtf into jenkins, and how perform automatic test. Finally, we will see the report produced and how use the output of the tool to prevent your unsecure code gets to production.

Arguments:

  • introduction to OWASP and the Owasp testing guide
  • introduction to devops pipeline and test automation in jenkins
  • offensive web testing
  • scanning vs PTest
  • the workflow of the owtf
  • installation and basic configuration
  • selecting the offensive tools
  • doing analysis on a web app
  • configure jenkins tasks for owtf
  • reporting and remediate code in CI

Speaker

antonio-pigna

Antonio Pigna

 

Automation Architect at Accenture

Antonio Pigna is Accenture’s Automation Architect in Italy based in Naples. As technical leader of many projects I’m specialized in Java Enterprise architectures,

...