Loading…
In-person + Virtual
October 24-28
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2022 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Eastern Daylight Time (UTC -4). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.
Back To Schedule
Friday, October 28 • 11:55am - 12:30pm
From Security Testing To Deployment In a Single PR - Sarah Khalife, GitHub & Grant Griffiths, Portworx

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Feedback form is now closed.


Automating cloud native app development and incorporating security through a transparent and consistent process is key in building any production level applications. On a daily basis, think about how often you build your application and scan for vulnerabilities in the code. This is mostly an afterthought and not always considered as the easy part of developing any applications. However, the recent vulnerability exploits reinforced the need for a secure development lifecycle. Simplifying and automating the process all in a single pull request makes it much easier for any cloud app developer to add security! This talk will cover how to leverage available open source tooling to build and test a cloud native application, run security scans across it, and package it for shipping. For automation, we will have a step-by-step demonstration on how to set it up all within a PR to provide consistency and push the containerized application to a Kubernetes environment.
Speakers
avatar for Sarah Khalife

Sarah Khalife

Enterprise Solutions Engineer, GitHub
Passionate about creating an environment for organizations to implement best practices and improve their software development lifecycle operations, Sarah is a Principal Solutions Engineer at GitHub. She helps drive innersource, automation and security workflows, and most recently... Read More →
avatar for Grant Griffiths

Grant Griffiths

Member of Technical Staff, Portworx
Grant Griffiths is a core contributor and reviewer for SIG Storage working at Portworx. For kubernetes-CSI, he helped bring the external-snapshotter to Beta in Kubernetes 1.17 and GA in Kubernetes 1.20, improved support for secrets, release tooling, and fixed various snapshot controller... Read More →

From Security Testing to Deployments in a Single PR pdf
Friday October 28, 2022 11:55am - 12:30pm EDT
Ambassador Ballroom (Room 360)
  CI/CD