DevSecOps! Shift left and fail fast! Unfortunately, it takes more than some buzzword bingo to establish a truly secure software development lifecycle. Today, it is not enough that the application works according to the functional requirements; we should also heavily protect it against cybercriminals. This session will demonstrate how to leverage the GitHub platform to create automated security checks such as static application security testing and software composition analysis to get you well on your way to securing your application with minimal effort. In addition, you'll learn what different tools we have available for spotting security issues and how to analyze and act on the potential vulnerabilities to improve the security posture of your source code repository.

Co-presented with Laura Kokkarinen