Description:
Explore common pitfalls and lessons learned from integrating security scanning into CI/CD pipelines in this 26-minute conference talk from BSidesSF 2020. Discover how Atul Gaikwad and Moses Schwartz navigated a critical incident where their security scanner disrupted all build pipelines. Learn valuable principles, implementation strategies, and best practices for successful integration, including indirection, configuration management, and vulnerability whitelisting. Gain insights into effective logging techniques and the importance of Groovy scripting in the process. Benefit from their experience to avoid similar mistakes and improve your own security scanning implementation in continuous integration and delivery workflows.
Mistakes Made Integrating Security Scanning into CI/CD
Add to list
#Conference Talks
#Security BSides
#Programming
#Software Development
#Information Security (InfoSec)
#Cybersecurity
#Computer Science
#DevOps
#Configuration Management
#CI/CD Pipelines
#Vulnerability Management
0:00 / 0:00