BestHub
Sign in
Tag

DAST

0 views collected around this technical thread.

Bilibili Tech
Bilibili Tech
Aug 2, 2024 · Information Security

Security Development Lifecycle (SDL) at Bilibili: Implementation, Data Lifecycle Security, and DevSecOps

At Bilibili, the security team adapted Microsoft’s Security Development Lifecycle by establishing capability practices such as training, threat modeling, secure coding, and component scanning, integrating these processes into development pipelines through dedicated business partners, extending protection to the full data lifecycle, and evolving toward automated DevSecOps with in‑pipeline DAST and a custom vulnerability management platform.

DASTData SecurityDevSecOps
0 likes · 15 min read
Security Development Lifecycle (SDL) at Bilibili: Implementation, Data Lifecycle Security, and DevSecOps
Cloud Native Technology Community
Cloud Native Technology Community
Sep 7, 2023 · Information Security

Kubernetes Security Testing: Importance, Methods, and Best Practices

This article explains why security testing is critical for Kubernetes clusters, outlines key testing approaches such as SAST, DAST, container image scanning, configuration audits, and network policy testing, and provides practical steps for integrating these methods into CI/CD pipelines to ensure robust cloud‑native security.

Configuration AuditContainer ScanningDAST
0 likes · 9 min read
Kubernetes Security Testing: Importance, Methods, and Best Practices
DevOps
DevOps
Aug 26, 2022 · Information Security

Security Testing Practices in DevSecOps and Huawei Cloud

The article explains the importance of security testing within DevSecOps, outlines key testing methods such as SAST, DAST, IAST, and SCA, discusses penetration testing, and describes Huawei Cloud's comprehensive security testing framework and practices for ensuring software safety in modern development pipelines.

DASTDevSecOpsIAST
0 likes · 13 min read
Security Testing Practices in DevSecOps and Huawei Cloud
Architects Research Society
Architects Research Society
Jul 28, 2020 · Information Security

11 Practical Tips for Delivering Security as Code in DevOps

This article explains what "security as code" means, why shifting security left in the software development lifecycle matters, and provides eleven actionable tips—including understanding Secure SDLC, using SAMM, integrating SAST/DAST, and automating security checks—to help teams embed security directly into their DevOps pipelines.

AutomationDASTDevSecOps
0 likes · 10 min read
11 Practical Tips for Delivering Security as Code in DevOps