• Automating Dynamic Application Security Testing at Scale

  • Feb 5 2025
  • Durée: 46 min
  • Podcast

Automating Dynamic Application Security Testing at Scale

Écouter gratuitement

Voir les détails du balado

  • Résumé

  • In this episode of The BlueHat Podcast, hosts Nic Fillingham and Wendy Zenone are joined by Jason Geffner, Principal Security Architect at Microsoft, to discuss his groundbreaking work on scaling and automating Dynamic Application Security Testing (DAST). Following on from his BlueHat 2024 session, and outlined in this MSRC blog post, Jason explains the key differences between DAST, SAST, and IAST, and dives into the challenges of scaling DAST at Microsoft’s enterprise level, detailing how automation eliminates manual configuration and improves efficiency for web service testing. In This Episode You Will Learn: Overcoming the challenges of authenticated requests for DAST tools The importance of API specs for DAST and how automation streamlines the process Insights into how Microsoft uses DAST to protect its vast array of web services Some Questions We Ask: What's a lesson from this work that you can share with those without Microsoft's resources? Can you explain what the transparent auth protocol is that you mentioned in the blog post? How is your work reducing the manual effort needed to configure DAST system services? Resources: View Jason Geffner on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Blog Post: Scaling Dynamic Application Security Testing (DAST) | MSRC Blog Related BlueHat Session Recording: BlueHat 2024: S10: How Microsoft is Scaling DAST Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts
    Voir plus Voir moins
Voir plus Voir moins

Ce que les auditeurs disent de Automating Dynamic Application Security Testing at Scale

Moyenne des évaluations de clients

Évaluations – Cliquez sur les onglets pour changer la source des évaluations.

Évaluations sur Audible.ca

Évaluations sur Amazon.ca
Il n'y a pas encore de critiques pour ce titre.