DevSecOps: Continuously Hacking Your App + Mutation Testing Patterns

Continuous Delivery & XP Practices Israel

Soluto

Rothschild Blvd 39 · Tel Aviv-Yafo

How to find us

Soluto HQ, Tel Aviv


Details

Submit your own future talk at http://submit.cdxpisrael.com

Schedule:
------------------------------
18:00: Getting together (Pizza!)
18:30: DevSecOps: Continuously Hacking Your App (Omer Levi Hevroni)
19:30: Break
19:45: Community Announcements & Hiring Callouts
19:50: Mutation Testing Patterns (Anna David & Yaniv Nahoum)
20:20: End of the evening

Details:
---------

18:30: DevSecOps: Continuously Hacking Your App (Omer Levi Hevroni)

There are so many sophisticated ways to exploit web applications that it’s almost impossible for a developer to write completely secure code. But we can’t accept this situation. We can’t expose our users (and our users' data) to hackers.
So what can we do? We can switch from defense to offense. We can take hacking tools, used by malicious hackers, and use them to test our web application for security issues.
In this talk, we will take a vulnerable web application and try to find as many vulnerabilities as we can, using only automated tools. I’ll discuss the vulnerabilities we find, explain why we should care, and how we can remediate them securely. All the tools I’ll use are tools you can start using today to scan your applications and make sure you deploy more secure applications.

About Omer:
Omer is a DevSecOps Engineer @Soluto by Asurion. He is also an open source maintainer & a father!

19:50: Mutation Testing Patterns (Anna David & Yaniv Nahoum)
-----------------------------------------
Code tends to contain bugs; that's one of the reasons we write tests. But how do we test the tests?

In most applications, the metric used to measure the test suites is test coverage. While coverage does give us some information regarding the areas in our code in which we are more exposed, it says nothing about the quality of the tests in the areas that they cover. That’s where mutation testing comes in. Finally, we can get real insight into the quality of our tests!

About Anna:
Anna David is a software development manager and automation solution expert at AT&T Israel. She works closely with development teams, helping them deliver faster and with higher quality by putting a strong emphasis on software development life cycle productivity and engineering practices.

About Yaniv:
Yaniv Nahoum is a software developer and technical coach at AT&T Israel. He works closely with development teams, helping them deliver faster and with higher quality by putting a strong emphasis on developer productivity and engineering practices.