Automating Security in a Continuous Integration Pipeline
Chapter
Accepted version
Permanent lenke
https://hdl.handle.net/11250/3055779Utgivelsesdato
2022Metadata
Vis full innførselSamlinger
- Publikasjoner fra CRIStin - SINTEF AS [5654]
- SINTEF Digital [2388]
Originalversjon
Proceedings of the 7th International Conference on Internet of Things, Big Data and Security. 2022, 231-238. 10.5220/0011083500003194Sammendrag
Traditional approaches to software security are based on manual methods, which tend to stall development, leading to inefficiency. To speed up a software development lifecycle, security needs to be integrated and automated into the development process. This paper will identify solutions for automating the security phase into a continuous software delivery process, integrating security tools into a Github repository by using Github Actions to create automated vulnerability scanning workflows for a software project.