Integrating Security in the Build Pipeline - Anirban Saha, Allianz Direct
Abstract
With infrastructures and platforms going cloud native, there are greater security risks now than ever before. In the build and release workflow, often the focus on security comes at a very later stage and sometimes unfortunately, it does not happen at all due to lot of constraints. In this session, Anirban Saha will demonstrate security can be integrated in the build and deployment pipeline and address the problems early in the process. He will stress on the factors that can be problems in achieving this objective and how to go about solving them. He will also discuss the different vulnerability points that can and need to be considered when designing the solution. He will also demonstrate situations where deployment decisions can be made depending on the security status of the artifacts thus eliminating the need for post deployment measures to tackle security flaws.https://static.sched.com/hosted_files/cnsecuritydayeu21/7b/IntegratingSecurityInTheBuildPipeline_AnirbanSaha_4May.pptx