From the course: Cisco CCNP Security SCOR v1.1 (350-701) Cert Prep

Unlock this course with a free trial

Join today to access over 24,800 courses taught by industry experts.

Application and data security

Application and data security

From the course: Cisco CCNP Security SCOR v1.1 (350-701) Cert Prep

Start my 1-month free trial Buy for my team

Application and data security

- [Instructor] In addition to using CICD pipeline testing to validate our applications and the data used with them, there are several other assurance tools and methods that we should employ. Application protection means that the data interacting with our code has security protection as well, and there are many ways to do this, a few of which we'll explore here. Application security testing falls under two main methodologies, static application security testing, and dynamic application security testing. Static application security testing is what we refer to as a white box method for testing. This means that we test from the inside out and that we have access to the underlying framework, design, and implementation of the application. This is a typical developer approach to application testing. This doesn't require a deployed application, but instead uses analysis against the source code itself to test for vulnerabilities without executing the application. Generally speaking, this…

Contents