Session
Security safeguards in continuous integration
Learn how to safeguard your software development project by implementing automated security checks in a continuous integration pipeline. Learn what is behind acronyms like SAST, SCA, DAST, SBOM and SARIF.
Examples use .NET, PowerShell and GitHub Actions but are applicable to other tech stacks too.
Topics:
- How GitHub Actions work
- What is a good security test in continuous integration
- How to analyse your code against defects
- How to analyse your dependencies against known vulnerabilities
- How to check your open source licenses
- How to scan your code for secret leaks
- How to scan your infrastructure as code for misconfigurations
- How to generate a bill of materials
- How to check the status of HTTP security headers on a website
- Implementing branch guards
Prerequisites:
- Text editor
- git
- GitHub account and public repository
Target audience:
- Security Engineers
- Software Developers
- Anyone interested

Pasi Huuhka
DevOps Architect at Zure, DevTech MVP
Helsinki, Finland