All OpsCast Conversations
Search and filter through the complete archive of DevOps, Cloud Security, and Kubernetes discussions.
Shifting Left with Snyk: Integrating Security from Code to Production
In this episode, we dive into Snyk's comprehensive security platform, exploring how its tools and features enable developer-first security, from SAST and SCA to container and IaC scanning, and how these integrate into the developer workflow for enhanced security and compliance. We'll discuss priority scoring, reachability analysis, and custom integrations. Join us as we examine the potential of Snyk to shift security left, making it an integral part of the development process. This approach can significantly enhance the security posture of applications from the outset, reducing vulnerabilities and ensuring compliance.
Unlocking Code Excellence with SonarQube: Scaling SAST and CI/CD Security
Discover how SonarQube Enterprise can elevate your code quality and security posture by enforcing Quality Gates, customizing SAST rules, and integrating with popular CI/CD tools. Learn from experts how to leverage SonarQube for comprehensive code analysis and security hotspot triage. This episode dives into the nuances of SonarQube as a code scanner versus dedicated SAST tools and explores best practices for portfolio reporting and integration with GitHub, GitLab, and Azure DevOps.
Continuous Security Gate with Snyk and SonarQube in GitLab CI
Integrating code scanning and vulnerability assessments directly into pull request cycles.