Integrating Security In the CI/CD Pipeline


This presentation gives concrete examples of implementing open source security tools in a continuous integration pipeline. For example, Jenkins, Gauntlt, Selenium, and Arachni can be used to log into a web application, passively scan it for vulnerabilities, and then fail a build based on specific vulnerabilities that are identified. The conversation will also cover tips for rolling out these tools successfully.

Speaker

Nick Coblentz


Sr. Consultant at Security PS

Nick lives in Overland Park, KS and provides security consulting and assessment services to companies in the Kansas City area.