From the course: ISC2 Certified Secure Software Lifecycle Professional (CSSLP) (2023) Cert Prep


Post-deployment security testing

- [Instructor] Once your deployment is complete, you'll want to ensure that the security tests you performed in pre-production still hold. You should still be performing security testing post-deployment. Scanning for security vulnerabilities can be a complex undertaking, so don't assume that it's a one-and-done activity. Once you've deployed your application, you've changed the environment. There's new functionality to consider, new communication pathways, new processes, maybe even new devices. Scanning all of that for vulnerabilities is likely to require multiple scanners with multiple configurations. OWASP is tracking over 60 web application vulnerability scanners on their website, and that isn't even the complete list of scanners that you could choose from. When you scan an application for vulnerabilities, you need to define the configuration for each scan. Will it authenticate to the application or will the scan run without authentication? Will it scan the entire application or…
