Automated software security activities in a continuous delivery pipeline
Master thesis
Permanent lenke
https://hdl.handle.net/11250/2788233Utgivelsesdato
2021Metadata
Vis full innførselSamlinger
- Studentoppgaver (TN-IDE) [866]
Sammendrag
Due to the rise of cyberattacks in IT companies, Software security has become a topic for debate. Currently, to secure their products, companies often use manual methods, which makes development stalled and inefficient. To speed up a software development lifecycle, security work needs to be integrated and automated into the development process. This thesis will provide an initial solution for automating the security phase into a continuous software delivery process. This solution involves integrating security tools into a Github repository by using Github Actions to create automated vulnerability scanning workflows for a software project. The solution will then be tested and evaluated with three open-source projects and one project from our sponsor, Volue.