DeveloperWeek 2024 has ended
Wednesday, February 21 • 2:00pm - 2:50pm
PRO WORKSHOP: Adding SAST to CI/CD, Without Losing Any Friends

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Milan Williams, Semgrep, Engineer

Everyone wants to put tests into the release pipeline, but no one wants to wait hours for them to finish. In this workshop we will discuss multiple options for adding static application security testing (SAST) to your CI/CD, in ways that won’t compromise speed or results, such as learning which results can be safely ignored, writing your own rules, company-specific checks, scanning PRs instead of commits, splitting blocking scans versus deep audit scans, etc. We will also cover ways to continuously find vulnerabilities. 

avatar for Milan Williams

Milan Williams

Engineer, Semgrep

Wednesday February 21, 2024 2:00pm - 2:50pm PST
ProductWorld Main Stage
  DevOps Summit