Securing Your Pipeline: Best Practices for Implementing Security Scanning

TALK ABSTRACT

In this talk, we will explore essential strategies and tools for embedding robust security measures within your CI pipelines. We’ll discuss how leveraging security scanning can uncover vulnerabilities in both proprietary and open-source code. As development cycles accelerate, integrating automated security checks early in the process is crucial for detecting and mitigating risks. This session will cover how to seamlessly incorporate security tools into your CI workflows, address common security challenges, and navigate the discovery of vulnerabilities in open-source projects. We’ll also delve into the infinite game of staying ahead of evolving attack vectors, emphasizing the need for continuous growth and adaptation in your security practices. Attendees will gain practical insights into setting up security scans, interpreting results, and implementing fixes to fortify their applications against potential threats. Whether you’re a developer, DevOps engineer, or security professional, this talk will equip you with the knowledge to enhance your pipeline’s security posture effectively.

Speaker

Sean Sparkman

With over two decades of experience as a developer, I have cultivated a diverse background in multiple industries, including advertising, healthcare, voice recognition, and big oil. My expertise lies ...