Implementing Security in the Build Phase of DevOps
The goal of the build phase is to make sure the code compiles successfully and is ready to use. Implementing DevSecOps for this phase should include three things: checking the code for vulnerabilities before it is compiled, protecting the build process against security vulnerabilities and misconfigurations that could compromise the integrity of the code, and ensuring that the compiled application does not contain any security vulnerabilities that could compromise system or user data.
By the end of this chapter, you will have a solid understanding of the following:
- Hardening our build process to make it more secure
- Integrating SAST, SCA, and secret scanning into the build process
Let’s get started!