In this session, we will introduce DevSecOps and explain how integrating security practices into the software development process can enhance the security of applications. We will focus on two key security testing techniques, static application security testing (SAST) and software composition analysis (SCA), and demonstrate how to implement them using GitHub Advanced Security.

Through a practical example, we will show how to set up a DevSecOps pipeline with GitHub Actions to detect and fix vulnerabilities at different stages of the software development lifecycle.

By the end of this session, attendees will have a solid understanding of DevSecOps best practices and how to use automated security tools to improve the quality and security of their code, while reducing the risk of security breaches and data leaks.