In this video, Abhay Bhargav, shares his favorite open-source tools for building secure development pipelines. Whether you're looking for tools to improve static analysis (SAST), dynamic application security testing (DAST), or secure your cloud infrastructure and supply chain, these tools have got you covered.
These tools are open-source, powerful, and versatile, making them a perfect addition to your DevSecOps workflow. Tune in to learn more!
Chapters:
00:00 - Introduction
00:55 - Static Analysis with Semgrep
03:10 - Infrastructure as Code Security with Checkov
04:53 - Supply Chain Security with Sift & Grype
06:33 - Secrets Management with Gitleaks
07:30 - Dynamic Scanning with Zap & Nuclei
09:24 - Cloud Security Auditing with Steampipe
12:30 - Conclusion
Don't forget to like, subscribe, and share your favorite tools in the comments below!
#DevSecOps #AppSec #OpenSourceTools #SecurityTesting #SAST #DAST #CloudSecurity #applicationsecurity #cybersecurity