This repository shows you how to build up an enterprise-ready DevSecOps Pipeline with GitHub. It is part of your video series on how to build a DevSecOps Pipeline with GitHub and GitLab.
Here is the link to the blog-post: https://www.romanoroth.com/post/gitlab-vs-github-devsecops
- GitHub: DevSecOps: Part 1/12: What is GitHub? The fundamental concepts of a DevSecOps pipeline. https://youtu.be/_m5KYEi1ThA
- GitHub: DevSecOps: Part 2/12: Introduction to GitHub https://youtu.be/6ZdxXDu8ZDA
- GitHub: DevSecOps: Part 3/12: Learn How to use SCA (Software Composition Analysis) https://youtu.be/xM3elerxjYo
- GitHub: DevSecOps: Part 4/12: How to ensure License Compliance? https://youtu.be/l7IBh2xkDcQ
- GitHub: DevSecOps: Part 5/12: Protect your Apps with Static Application Security Testing (SAST) https://youtu.be/p4xS2X5KsNk
- GitHub: DevSecOps: Part 6/12: How to use Container Scanning https://youtu.be/_ZeKh3GcbgU
- GitHub: DevSecOps: Part 7/12: How to find secrets in your own code with Secret Scanning https://youtu.be/k-uuPTLNXGM
- Coming Soon
Link to the GitLab repository: https://gitlab.com/romano_roth/gitlabdevsecopspipeline