Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CI CD

User Office Hours | How to Secure CI/CD Pipeline w/ GitHub Actions & Snyk | Mar 23, 2022

Oct 19, 2022 By Snyk In Snyk
This User Office Hours session covers how to build a secure CI/CD Pipeline with GitHub Actions and Snyk. First, we'll build a demo application. Then, we'll walk through how to test for security issues using Snyk Open Source and Snyk Code. We'll then go on to deploy a container image. Missed the live stream? Feel free to ask questions in the comment section, and we'll do our very best to answer them.
View Video
sysdig

Image scanning for GitLab CI/CD

Oct 12, 2022 By Dale Rodriguez In Sysdig

Scanning a container image for vulnerabilities or misconfigurations on your GitLab CI/CD using Sysdig Secure is a straightforward process. This article demonstrates a step-by-step example of how to do it. The following proof of content showcased how to leverage the sysdig-cli-scanner with GitLab CI/CD. Although possible, this procedure is not officially supported by Sysdig, so we recommend checking the documentation to adapt these steps to your environment.

Read Post
sysdig

Container Image Scanning for Azure Pipelines with Sysdig

Sep 19, 2022 By Eduardo Mínguez In Sysdig

Scanning a container image for vulnerabilities or bad practices in your Azure Pipelines using Sysdig Secure is a straightforward process. This article demonstrates a step by step example on how to do it. The following proof of content showcased how to leverage the sysdig-cli-scanner in Azure Pipelines. Although possible, it is not officially supported by Sysdig, so we recommend checking the documentation to adapt these steps to your environment.

Read Post
Snyk

Integrating Snyk Open Source C/C++ security scanning into CI pipelines

Sep 8, 2022 By Michal Brutvan In Snyk

Snyk Open Source supports C and C++ scanning for vendored open source dependencies via CLI — and we are happy to share that it is now available via our CI plugins as well. This guide will walk you through integrating C/C++ security scanning within pipelines to get vulnerability information and remediation advice directly to developers. Note that in the scope of this guide, we’ll refer to “C/C++” as just “C++”

Read Post
tripwire

Everything You Need to Know About CI/CD and Security

Aug 30, 2022 By Anastasios Arampatzis In Tripwire

CI/CD is a recommended technique for DevOps teams and a best practice in agile methodology. CI/CD is a method for consistently delivering apps to clients by automating the app development phases. Continuous integration, continuous delivery, and continuous deployment are the key concepts. CI/CD adds continuous automation and monitoring throughout the whole application lifetime, from the integration and testing phases to delivery and deployment.

Read Post
synopsys

Bridging the security gap in continuous testing and the CI/CD pipeline

Jul 25, 2022 By Kimm Yeo In Synopsys
Learn why Synopsys earned the highest score for the Continuous Testing Use Case in Gartner’s latest report. Gartner recently released its 2022 “Critical Capabilities for Application Security Testing” (AST) report, and I am delighted to see that Synopsys received the highest score across each of the five Use Cases.
Read Post
LimaCharlie

CI/CD pipeline attacks: A growing threat to enterprise security

Jul 6, 2022 By Christopher Luft In LimaCharlie

CI/CD pipeline attacks are a growing threat to enterprise security. In this article, we’ll provide an overview of CI/CD for non-developers, discuss the cybersecurity issues involved, and offer some recommendations for developers, companies, and security teams.

Read Post
Snyk

Building a secure CI/CD pipeline with GitHub Actions

Jun 27, 2022 By Brian Vermeer In Snyk

GitHub Actions has made it easier than ever to build a secure continuous integration and continuous delivery (CI/CD) pipeline for your GitHub projects. By integrating your CI/CD pipeline and GitHub repository, GitHub Actions allows you to automate your build, test, and deployment pipeline. You can create workflows that build and test every pull request to your repository or deploy merged pull requests to production.

Read Post
Subscribe to CI CD

Copyright © 2024 OpsMatters™. All rights reserved.