Automated software security activities in a continuous delivery pipeline
dc.contributor.advisor | Gilje Jaatun, Martin | |
dc.contributor.advisor | Nygård, Jarle | |
dc.contributor.advisor | Doroszuk, Arkadiusz | |
dc.contributor.author | Chalishhafshejani, Sohrab | |
dc.contributor.author | Pham, Bao Khanh | |
dc.date.accessioned | 2021-10-06T15:51:19Z | |
dc.date.available | 2021-10-06T15:51:19Z | |
dc.date.issued | 2021 | |
dc.identifier | no.uis:inspera:73533758:49625241 | |
dc.identifier.uri | https://hdl.handle.net/11250/2788233 | |
dc.description.abstract | Due to the rise of cyberattacks in IT companies, Software security has become a topic for debate. Currently, to secure their products, companies often use manual methods, which makes development stalled and inefficient. To speed up a software development lifecycle, security work needs to be integrated and automated into the development process. This thesis will provide an initial solution for automating the security phase into a continuous software delivery process. This solution involves integrating security tools into a Github repository by using Github Actions to create automated vulnerability scanning workflows for a software project. The solution will then be tested and evaluated with three open-source projects and one project from our sponsor, Volue. | |
dc.description.abstract | ||
dc.language | eng | |
dc.publisher | uis | |
dc.title | Automated software security activities in a continuous delivery pipeline | |
dc.type | Master thesis |
Files in this item
This item appears in the following Collection(s)
-
Studentoppgaver (TN-IDE) [823]
Studentoppgaver i informasjonsteknologi, datateknikk / kybernetikk, signalbehandling