Automating Security in a Continuous Integration Pipeline
Chapter
Accepted version
View/ Open
Date
2022Metadata
Show full item recordCollections
- Publikasjoner fra CRIStin - SINTEF AS [6009]
- SINTEF Digital [2568]
Original version
Proceedings of the 7th International Conference on Internet of Things, Big Data and Security. 2022, 231-238. 10.5220/0011083500003194Abstract
Traditional approaches to software security are based on manual methods, which tend to stall development, leading to inefficiency. To speed up a software development lifecycle, security needs to be integrated and automated into the development process. This paper will identify solutions for automating the security phase into a continuous software delivery process, integrating security tools into a Github repository by using Github Actions to create automated vulnerability scanning workflows for a software project.