Application Security Scanning in the Repository: Best Practices

Presented by

Susan St. Clair, Director of Product Management - WhiteSource

About this talk

Historically, if organizations wanted to automate and enforce application security testing, the best place to do that was within CI/CD pipelines. As time went on, we realized that while pipeline scanning has its place in securing applications, it doesn't scale: as more and more plugins are needed, the task of managing them becomes its own headache. In addition, development teams don't typically work in pipelines. They work with code repositories, commits, merges, and pull requests. To get closer to being truly part of a development team's native workflow, application security needed to be in the code repository ecosystem. Learn why scanning applications in the repository is the best way to secure your applications. From enforcing policies, to providing feedback on demand, to preventing context switching, scanning in the repository is the most effective way to secure your applications and reduce your risk.

Mend, formerly known as WhiteSource, effortlessly secures what developers create. Mend uniquely removes the burden of application security, allowing development teams to deliver quality, secure code, faster. With a proven track record of successfully meeting complex and large-scale application security needs, the world's most demanding software developers rely on Mend. The company has more than 1,000 customers, including 25 percent of the Fortune 100, and manages Renovate, the open-source automated dependency update project. For more information, visit the Mend blog, and Mend on LinkedIn and Twitter.