Integrating Security In the CI/CD Pipeline

This presentation gives concrete examples of implementing open-source security tools in a continuous integration pipeline. For example, Jenkins, Gauntlt, Selenium, and Arachni can be used to log into a web application, passively scan it for vulnerabilities, and then fail a build based on specific vulnerabilities that are identified. The conversation will also cover tips for rolling out these tools successfully.
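As an added illustration of the "fail a build based on specific vulnerabilities" step (not code from the presentation or from any of the tools named), the sketch below gates a build on a scanner report. The report shape, the function name `blocking_findings`, and the `example.test` URLs are assumptions constructed for this example.

```python
import json
import sys

# Constructed sample report. The field names ("issues", "check", "url",
# "param") are a simplified, assumed shape, not any scanner's real schema.
SAMPLE_REPORT = json.dumps({"issues": [
    {"check": "xss", "url": "https://app.example.test/search", "param": "q"},
    {"check": "xss", "url": "https://app.example.test/search", "param": "q"},
    {"check": "missing_header", "url": "https://app.example.test/", "param": None},
    {"check": "sql_injection", "url": "https://app.example.test/item", "param": "id"},
]})

def blocking_findings(report_text, blocking_checks, accepted=()):
    """Return de-duplicated findings whose check type should fail the build."""
    report = json.loads(report_text)
    if "issues" not in report:
        # Fail closed: a report without an issue list means the scan did not
        # really run, which must not be mistaken for a clean result.
        raise ValueError("report has no 'issues' list; treating scan as failed")
    seen, blocking = set(), []
    for issue in report["issues"]:
        key = (issue["check"], issue["url"], issue.get("param"))
        if key in seen or key in accepted:
            continue  # duplicate, or a finding the team has explicitly accepted
        seen.add(key)
        if issue["check"] in blocking_checks:
            blocking.append(key)
    return blocking

def main(report_text):
    """Return the exit code for the CI step: 0 pass, 1 blocked, 2 gate error."""
    try:
        found = blocking_findings(report_text, {"xss", "sql_injection"})
    except (ValueError, KeyError) as err:  # bad JSON is a ValueError as well
        print(f"security gate error: {err}")
        return 2
    for check, url, param in found:
        print(f"BLOCKING {check} at {url} (param={param})")
    return 1 if found else 0  # a non-zero exit marks the build step as failed

if __name__ == "__main__":
    sys.exit(main(SAMPLE_REPORT))
```

Run as the last command of a build step, the non-zero exit code is what fails the build; the `accepted` argument lets a team suppress a reviewed finding without disabling the whole check.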



Nick Coblentz

Sr. Consultant at Security PS

Nick lives in Overland Park, KS and provides security consulting and assessment services to companies in the Kansas City area.