Modern Software Engineering

VH24 Shift Left on Security with GitHub


2:45pm - 4:00pm

Level: Introductory

Esteban Garcia


Xebia | Xpirit

Applications are under attack and developers become the first line of defense by protecting the code and ensuring that we are applying security best practices.

There are several methods to attack your code, from directly inserting malicious code into your repo, to taking over an account or compromising a signing key to distribute software that isn’t officially part of a component, and many other ways.

It's simple to talk about shifting left on security, but how exactly are you supposed to do that? What tools should you be using and how do you apply them in a way that helps you release with confidence? We will cover the concept of application security, talk about tools available to you and ways that you can help ensure that tools don't get in the way of development.

You will learn:

  • GHAS features
  • Understand what is meant by shifting left on security
  • AS a developer, what can I do to improve the security posture of my application