DevSecOps applies application security testing during the CI stage, putting “Sec” into DevOps. Security tools must provide meaningful, actionable results. This presentation will show the Checkmarx integration with GitLab CI/CD, along with the challenges we had with the security integration. Topics covered include:
– Merge Request discussions
– Vulnerability management
– Integration with GitLab’s Security Dashboard
– CxFlow: the Checkmarx Spring Boot application that orchestrates the initiation of static application security testing and software composition analysis, and imports the results into GitLab’s ecosystem.