Source: blog.devgenius.io

DevSecOps using GitLab Secure

Category: Software, Database, Security, Docker, gitlab, automation

Every now and then, the Dev team will request security scans of their applications from the security teams.

This is where Development, Security, and Operations, aka DevSecOps, comes in.

GitLab Secure provides Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Container Scanning, and Dependency Scanning, along with License Compliance, to help you deliver secure applications.

We’ll do this by manually including the security scan templates in the existing .gitlab-ci.yml file.

Now, commit a change, watch your new DevSecOps CI/CD pipeline in action, and check your security and compliance board.

You have probably noticed that we have many vulnerabilities due to outdated versions of dependencies.
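A sketch of what including the scan templates in .gitlab-ci.yml can look like, as an added example and not the configuration from the original post. The stage list, the image reference and the DAST target URL are assumptions; the template paths are the ones GitLab ships under `Security/`.

```yaml
# Added example: .gitlab-ci.yml fragment that enables GitLab's security scans.
# Assumes an earlier job (not shown) builds the image and pushes it to the
# project's container registry.

stages:
  - build
  - test      # SAST, Dependency Scanning, Container Scanning and License Scanning jobs run here
  - deploy
  - dast      # the DAST template expects a stage with this name, after deployment

include:
  - template: Security/SAST.gitlab-ci.yml
  - template: Security/Dependency-Scanning.gitlab-ci.yml
  - template: Security/Container-Scanning.gitlab-ci.yml
  - template: Security/DAST.gitlab-ci.yml
  # License Compliance; this template has been removed from newer GitLab releases,
  # so drop the line if your instance no longer provides it.
  - template: Security/License-Scanning.gitlab-ci.yml

variables:
  # Image that Container Scanning analyses (assumed tag scheme).
  CS_IMAGE: "$CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA"
  # Running environment that DAST probes (placeholder URL).
  DAST_WEBSITE: "https://staging.example.com"
```

The scan jobs in these templates are allowed to fail by default, so findings appear in the security reports without blocking the pipeline.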
