CI/CD Compliance

7 Proven Steps: SLSA 1.1 Implementation in CI/CD

Leave a Comment / CI/CD Compliance, Vulnerability & Threat Response /

7 Proven Steps: SLSA 1.1 Implementation in CI/CD TL;DR (for dev & engineering leaders) SLSA 1.1 raises the bar on build integrity and provenance. This guide gives you drop-in CI steps to: 1) generate provenance for every build, 2) sign artifacts & SBOMs, 3) verify at deploy, 4) block unsigned or policy-violating releases, 5) run […]

7 Proven Steps: SLSA 1.1 Implementation in CI/CD Read More »

7 Powerful Steps: Add an ASVS 5.0 Gate to CI/CD

7 Powerful Steps: Add an ASVS 5.0 Gate to CI/CD

1 Comment / CI/CD Compliance, Vulnerability & Threat Response /

7 Powerful Steps: Add an ASVS 5.0 Gate to CI/CD Shipping features is great—shipping evidence-backed security is better. This post turns ASVS 5.0 into executable CI/CD checks using GitHub Actions, Semgrep, Bandit, and DAST in GitHub Actions via ZAP Baseline. You’ll get ready-to-paste workflows, tiny diffs for SSRF/IDOR/token handling, and a way to store “evidence

7 Powerful Steps: Add an ASVS 5.0 Gate to CI/CD Read More »

Cyber Rely Logo cyber security
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.