Get 2,000+ Certificates from Google, IBM & Yale — 40% Off

Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Mistakes Made Integrating Security Scanning into CI/CD

Security BSides San Francisco via YouTube

Start learning Write review
Coursera Ad

AI, Data Science & Business Certificates — Save ₹6,000 This Month

Learn More → Boot.dev Ad

The Most Addictive Python and SQL Courses

Learn More →

Overview

Google, IBM & Meta Certificates — All 10,000+ Courses at 40% Off
One annual plan covers every course and certificate on Coursera. 40% off for a limited time.
Get Full Access
Explore common pitfalls and lessons learned from integrating security scanning into CI/CD pipelines in this 26-minute conference talk from BSidesSF 2020. Discover how Atul Gaikwad and Moses Schwartz navigated a critical incident where their security scanner disrupted all build pipelines. Learn valuable principles, implementation strategies, and best practices for successful integration, including indirection, configuration management, and vulnerability whitelisting. Gain insights into effective logging techniques and the importance of Groovy scripting in the process. Benefit from their experience to avoid similar mistakes and improve your own security scanning implementation in continuous integration and delivery workflows.

Syllabus

Introduction
Story Time
Principles
Indirection
Implementation
Configuration
Groovy Glue
Adding a scanner
Logs
Vulnerability whitelisting
Summary
Questions

Taught by

Security BSides San Francisco

Reviews

Start your review of Mistakes Made Integrating Security Scanning into CI/CD

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.