DevSecOps Workflow with GitHub Actions | The Way of the Future

"GitHub Actions has emerged as one of the top pieces of tech in the DevOps and CI/CD scene." - That's AppSecEngineer instructor Abhay Bhargav talking about GitHub Actions, a tool rapidly gaining popularity among product teams around the globe.

In this video, you'll be looking at:

• How to trigger #SAST workflows with #GitHubActions
• How to use GitHub to consume different types of reports from #SASTtools
• How to work with SARIF file format

Check out the full video for an in-depth look at GitHub Actions and how it can play a central role in your #DevSecOps workflow.

#AppSecEngineer is a powerful training platform that delivers amazing hands-on training on AppSec, AWS Security, Cloud Security, Kubernetes, Container Security and Advanced Application Security.

AppSecEngineer is ideal for job seekers, knowledge seekers and companies that want to get their workforce equipped to handle real-world security issues with their newly minted and highly educated AppSec Engineers

Chapters 0:00 Pre-Start Intro
01:06 Intro 01:31 Create Github project 02:01 Creating Github repository 05:32 Using Semgrep 07:03 Leveraging static analysis workflow with Github actions 07:43 Code scanning insights in Github repository 08:20 Using Sarif capabilities of Github Actions 12:49 Run the static analysis

Learn more about DevSecOps at: https://appsecengineer.com/courses/github-actions-for-devsecops/

Twitter: https://twitter.com/AppSecEngineer

Linkedin: https://www.linkedin.com/company/appsecengineer/ ... https://www.youtube.com/watch?v=by25ZKJ6ENU