GitLab Security Virtual Workshop for Public Sector: Shifting Security Left

This workshop is designed for public sector organizations.

Rapid iterations of DevOps, along with a host of new tools, can make an application security program seem like a square peg in a round hole as agencies try to push Sec into the middle of DevOps. At the same time, agency missions rely on a more dynamic environment that can introduce new security challenges, particularly as they scale.

In this session, we will provide hands-on examples with you in the driver’s seat and explore:

• Details of exactly how to shift left, from both the developer’s perspective and the security team’s perspective, with workflows for each.

• Understand how vulnerabilities are found by the developer within their CI pipeline and actions to take

• See how early visibility can reduce your risk and eliminate effort to help you scale your ATO process.

• Automate and monitor your security policies.

• Security challenges of next gen software and steps you can take now.

 Agenda

• 9:00am: Intro and Technology Overview

• 9:10am: DevSecOps Highlights and Q&A

• 9:50am: Part 1 - What you do as Dev

• 10:20am: Part 2 - What you do as Sec

• 10:45am: Part 3 - Walkthrough of Dev then Sec (Demo)

• 11:45am: Q&A and Closing

To participate in the workshop, you will need a laptop with the latest version of Google Chrome and Zoom installed.