Open Source in Finance Forum New York 2022

Securing the app development lifecycle early on and incorporating security through a transparent and consistent process is key in building any production level applications. On a daily basis, how often do you build your application? Now think, how often do you scan for vulnerabilities in the code? This is mostly an afterthought, and is not always considered as the easy part of developing any applications. The recent vulnerability exploits reinforced the need for a secure development lifecycle. Simplifying and automating the process all in a single pull request makes it much easier for any app developer to add security in their pipeline. This talk will cover how to leverage available open source tooling to build and test an application, run security scans across it, and package it for shipping. The session will also provide a step-by-step demonstration on how to set it up all within a pull request and push the application to a production environment in a consistent manner.