Episode 18: Testing Cloud Application
Guest: Bar Hofesh
Guest Title: Co-Founder
Application security is among the hardest things to get right. In this episode we are talking with Bar Hofesh from Neurolegion about the world of automated security testing - what are the challenges, what are the different stages of integration and delivery and how to perform each stage correctly.
0:50 - introducing our guest
2:58 - the need to automate security testing - the challenge of developing faster
7:15 - so what is testing automation - describing the process - the code integration stage
13:50 - security testing the packing and delivery stage
18:50 - testing live application stage
20:20 - appsec finding strategy - what do when found an alert
22:20 - Static analysis vs. dynamic analysis
24:58 - emerging technologies - RASP, IAST
30:50 - Is there still room for manual penetration testing?
34:05 - summary and last words