mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-13 22:54:53 +03:00
mukul975
34 lines
1.2 KiB
Markdown
34 lines
1.2 KiB
Markdown
---
|
|
name: implementing-devsecops-security-scanning
|
|
description: >
|
|
Integrate security scanning into CI/CD pipelines using tools like Semgrep,
|
|
Trivy, and Gitleaks. Covers SAST, SCA, container scanning, and secret
|
|
detection with structured JSON output for pipeline gates.
|
|
domain: cybersecurity
|
|
subdomain: application-security
|
|
tags: [devsecops, sast, sca, container-security, ci-cd]
|
|
version: "1.0"
|
|
author: mahipal
|
|
license: Apache-2.0
|
|
---
|
|
|
|
# Implementing DevSecOps Security Scanning
|
|
|
|
Automate SAST, SCA, container image, and secret scanning in CI/CD
|
|
pipelines with fail/pass gates based on severity thresholds.
|
|
|
|
|
|
## When to Use
|
|
|
|
- When deploying or configuring implementing devsecops security scanning capabilities in your environment
|
|
- When establishing security controls aligned to compliance requirements
|
|
- When building or improving security architecture for this domain
|
|
- When conducting security assessments that require this implementation
|
|
|
|
## Prerequisites
|
|
|
|
- Familiarity with application security concepts and tools
|
|
- Access to a test or lab environment for safe execution
|
|
- Python 3.8+ with required dependencies installed
|
|
- Appropriate authorization for any testing activities
|