Application Security Scanning in the Repository: Best Practices

Historically, if organizations wanted to automate and enforce application security testing, the best place to do that was within CI/CD pipelines. As time went on, we realized that while pipeline scanning has its place in securing applications, it doesn't scale as more and more plugins are needed and with that, the task of managing them becomes its own headache.

In addition, development teams don't typically work in pipelines. They work with code repositories, commits, merges, and pull requests. To get closer to being truly part of a development team's native workflow, application security needed to be in the code repository ecosystem.

Learn why scanning applications in the repository is the best way to secure your applications. From enforcing policies to providing feedback on demand, to preventing context switching, scanning in the repository is the most effective way to secure your applications and reduce your risk.

Susan St. Clair

Director of Product Management - WhiteSource

Susan St. Clair is a passionate cybersecurity advocate at WhiteSource Software, the remediation-centric application security software company. Possessing over 14 years of product management and strategy experience, Susan is responsible for raising awareness of the market need for the newest generation of application security testing solutions and challenges while supporting WhiteSource Software's product roadmap and overall direction.

Susan is certified in pen testing from the IACRB, and in her spare time, she enjoys educating application development teams on ways to streamline their work processes, raising awareness of API security in the AppSec community, and running in races benefiting charities such as Easterseals, SickKids and Camp Ooch.

Webinar

Think About Your Audience Before Choosing a Webinar Title

What You’ll Learn in This Webinar

Register to Watch Now:

this webinar starts in

What You’ll Learn in This Webinar

About the Hosts