To main content

Automating Security in a Continuous Integration Pipeline

Abstract

Traditional approaches to software security are based on manual methods, which tend to stall development,
leading to inefficiency. To speed up a software development lifecycle, security needs to be integrated and
automated into the development process. This paper will identify solutions for automating the security phase
into a continuous software delivery process, integrating security tools into a Github repository by using Github
Actions to create automated vulnerability scanning workflows for a software project.

Category

Academic chapter/article/Conference paper

Client

  • Research Council of Norway (RCN) / 247678

Language

English

Author(s)

Affiliation

  • University of Stavanger
  • SINTEF Digital / Software Engineering, Safety and Security

Year

2022

Publisher

SciTePress

Book

Proceedings of the 7th International Conference on Internet of Things, Big Data and Security

Issue

1

ISBN

978-989-758-564-7

Page(s)

231 - 238

View this publication at Cristin