Building Security In: Methods for Securing Software Development Lifecycles

When we think of securing software development lifecycles, we need to concern ourselves with the security of the produced software as much as the security of the processes involved in building it. During this workshop, you'll learn how to secure your pipelines and how to continuously scan at build time for common security issues in a provided vulnerable application using tools such as Inspector, ZAP, Dependency Check and more.

Building

This repository houses a Hugo installation. To build the content and run it locally, you'll need to install Hugo:

  1. Install Hugo
  2. From the root of this repository, run hugo, then run hugo serve
  3. Visit the URL provided in the output (often, but not always, http://localhost:1313) to see the site running locally

When you make a change to the content in the repository, so long as Hugo is running, the change will be reflected almost immediately. To that end, it's advisable to run hugo serve in a window that sits in the background, and make changes in a separate window.