Test Driven Security in the DevOps pipeline - AppSecUSA 2017

1. zap

    docker pull owasp/zap2docker-weekly
    docker run -t owasp/zap2docker-weekly zap-baseline.py -t https://bugzilla.mozilla.org

bandit

NIN: Bandit is a tool designed to find common security issues in Python code.
Ref: openstack/bandit: GitHub

    $ bandit -r ~/src/github.com/Kinto/Kinto

Security Group Testing…