CircleCI Orbs Webinar Series - Secure your CI/CD pipelines from start to finish with the WhiteSource & CircleCI
âą
21 gefĂ€llt mirâą317 views
This document provides an agenda for a webinar on securing CI/CD pipelines from start to finish with CircleCI and WhiteSource. The agenda includes brief introductions to CircleCI and WhiteSource, an overview of CircleCI Orbs and how they can simplify integrations, a discussion of the state of open source usage and security, and a demo of WhiteSource scanning functionality directly within a CircleCI pipeline using an Orb.
Empfohlen
Empfohlen
Weitere Àhnliche Inhalte
Was ist angesagt?
Was ist angesagt? (20)
Ăhnlich wie CircleCI Orbs Webinar Series - Secure your CI/CD pipelines from start to finish with the WhiteSource & CircleCI
Ăhnlich wie CircleCI Orbs Webinar Series - Secure your CI/CD pipelines from start to finish with the WhiteSource & CircleCI (20)
Mehr von WhiteSource
Mehr von WhiteSource (17)
KĂŒrzlich hochgeladen
KĂŒrzlich hochgeladen (20)
CircleCI Orbs Webinar Series - Secure your CI/CD pipelines from start to finish with the WhiteSource & CircleCI
- 1. 1 CircleCI Orbs Webinar Series Secure your CI/CD pipelines from start to finish with the WhiteSource & CircleCI Angel Rivera Developer Advocate CircleCI Shiri Ivstan Product Manager WhiteSource
- 2. Hi Iâm Angel @punkdata Developer Advocate. My job is to inspire developers! 2
- 3. 3 âą Few words about CircleCI âą Few Words about WhiteSource âą Introduce CircleCI Orbs âą The state of Open Source usage & security âą Demo âą Q&A Agenda
- 4. 4 â Founded in 2011 â More than 180 employees worldwide â 300,000+ developers using CircleCI and growing! â Named a Leader in Continuous Integration by Forrester in 2017 â Weâre hiring! boards.greenhouse.io/circleci About CircleCI
- 5. 5
- 6. 6
- 7. 7 Orbs can encapsulate and simplify integrations. Because orbs are declared in config, easy to version and update integrations as needs evolve. Orb Example
- 8. 8
- 9. THE STATE OF OPEN SOURCE USAGE & SECURITY
- 10. The number of disclosed open source vulnerabilities rose by over 50% in 2017 NUMBER OF REPORTED OPEN SOURCE VULNERABILITIES ROSE BY 51.2% IN 2017
- 11. FREQUENCY OF USE OF OPEN SOURCE COMPONENTS of developers rely on open source components 96.8%
- 12. of all open source projects are vulnerable, but when it comes to the most popular open source projects⊠7.5%
- 13. But, it's not all bad. The rise in awareness also led to a sharp rise in suggested fixes⊠of all reported vulnerabilities have at least one suggested fix in the open source community 97.4%
- 14. Information about vulnerabilities is scattered across hundreds of resources, usually poorly indexed and therefore unsearchable OF REPORTED OPEN SOURCE VULNERABILITIES APPEAR IN THE CVE DATABASE 86% OVER
- 16. About WhiteSource WhiteSourceâs vision is to empower businesses to develop better software, faster, by securing and managing the open source components in their software.
- 17. SECURITY THROUGHOUT THE SDLC PIPELINE
- 18. Detect Issues As Early As Possible The cost of fixing security and quality issues rises significantly, as the development cycle advances.
- 19. Scan
- 20. Code âȘ Choose the right component from the earliest stages âȘ Automatically open pull requests for patches âȘ Restrict merges if vulnerabilities exist
- 21. Build âȘ Detect open source vulnerabilities while running your build âȘ Fail builds based on policies (i.e high severity vulnerabilities)
- 23. Get our Whitepaper The DevOps Guide: Implementing Cultural Change Click the pic