From Builds and CI to Security Testing in a Single PR

Explore a comprehensive approach to integrating security testing into the app development lifecycle in this 35-minute conference talk by Sarah Khalife from GitHub. Learn how to streamline the process of building, testing, and securing applications within a single pull request. Discover the importance of incorporating security measures early and consistently in production-level application development. Gain insights into leveraging open-source tools for application building, testing, and vulnerability scanning. Follow a step-by-step demonstration on setting up an automated pipeline that includes security scans, packaging, and deployment to production environments. Understand how this approach can simplify and enhance the secure development lifecycle, addressing the growing need for robust application security in light of recent vulnerability exploits.

From Builds & CI to Security Testing in a Single PR - Sarah Khalife, GitHub