Continuous Security Gate with Snyk and SonarQube in GitLab CI
Integrating code scanning and vulnerability assessments directly into pull request cycles.
Speakers: Troy (Host), Autumn (Co-host)
Show Notes
How to block merges if SAST quality gates fail, scan container layers using Snyk, and import alerts into the GitLab dashboard.
Key Takeaways
- Quality gates enforce code coverage and block critical CVEs from main.
- Container base-image tracking recommends secure upgrade paths automatically.
- SonarQube decoration provides inline review alerts in Merge Requests.