https://community.checkpoint.com/t5/DevSecOps/Shiftleft-CICD-Integration/m-p/215751#M133 <P>Can shiftleft be used for on premise security or just cloud?&nbsp; We are using Kubernetes &amp; podman on premise.&nbsp; &nbsp;</P> Thu, 30 May 2024 16:31:39 GMT Daniel_Kavan 2024-05-30T16:31:39Z https://community.checkpoint.com/t5/DevSecOps/Shiftleft-CICD-Integration/m-p/111841#M51 <P><div class="lia-vid-container video-embed-center"><div id="lia-vid-6235297645001w480h270r441" class="lia-video-brightcove-player-container"><video-js data-video-id="6235297645001" data-account="6058022097001" data-player="default" data-embed="default" class="vjs-fluid" controls="" data-application-id="" style="width: 100%; height: 100%;"></video-js></div><script src="https://players.brightcove.net/6058022097001/default_default/index.min.js"></script><script>(function() { var wrapper = document.getElementById('lia-vid-6235297645001w480h270r441'); var videoEl = wrapper ? wrapper.querySelector('video-js') : null; if (videoEl) { if (window.videojs) { window.videojs(videoEl).ready(function() { this.on('loadedmetadata', function() { this.el().querySelectorAll('.vjs-load-progress div[data-start]').forEach(function(bar) { bar.setAttribute('role', 'presentation'); bar.setAttribute('aria-hidden', 'true'); }); }); }); } }})();</script><a class="video-embed-link" href="https://community.checkpoint.com/t5/video/gallerypage/video-id/6235297645001">(view in My Videos)</a></div></P> <P>In this post, we are going to show how to integrate Shiflett into a modern CI/CD orchestrator like <A href="https://about.gitlab.com/" target="_blank" rel="noopener">Gitlab</A>. We will take the perspective of an application developer that integrates Shiftleft blades into the CI/CD pipeline and how leverages Shiftleft information to start solving vulnerabilities detected in the code, container image that the pipeline build as well as an infrastructure project that uses Terraform.</P> <P>The following is a short description of Shiftleft modules also known as blades:</P> <UL> <LI><STRONG>code-scan</STRONG>: Using as input a directory that contains a Git repository, Shiftleft will scan it for vulnerabilities, weak coding practices, sensitive content, and malicious files among other categories</LI> <LI><STRONG>image-scan</STRONG>: Using as input a&nbsp; container image, compressed into a file, this blade will apply all the capabilities already provided by code-scan and will add on top of that the scanning of OS-level packages included in the container image.</LI> <LI><STRONG>iac-assessment</STRONG>: In combination with CloudGuard, Infrastructure as code assessment allows users to apply policies to their Terraform projects. The mechanism to define those rules is by making use of <A href="https://sc1.checkpoint.com/documents/CloudGuard_Dome9/Documentation/PostureManagement/GSL.html" target="_blank" rel="noopener">CloudGuard Governance Specification Language</A> (GSL). A high-level, human-friendly language.&nbsp;&nbsp;</LI> </UL> Thu, 25 Feb 2021 17:20:08 GMT https://community.checkpoint.com/t5/DevSecOps/Shiftleft-CICD-Integration/m-p/111841#M51 ivanmar 2021-02-25T17:20:08Z https://community.checkpoint.com/t5/DevSecOps/Shiftleft-CICD-Integration/m-p/215751#M133 <P>Can shiftleft be used for on premise security or just cloud?&nbsp; We are using Kubernetes &amp; podman on premise.&nbsp; &nbsp;</P> Thu, 30 May 2024 16:31:39 GMT https://community.checkpoint.com/t5/DevSecOps/Shiftleft-CICD-Integration/m-p/215751#M133 Daniel_Kavan 2024-05-30T16:31:39Z https://community.checkpoint.com/t5/DevSecOps/Shiftleft-CICD-Integration/m-p/216501#M134 <P>Yes if you're running a locally hosted solution like Gitlab or Jenkins it can work there too - you just need to authenticate it against your CloudGuard solution.&nbsp;</P> Wed, 05 Jun 2024 11:55:40 GMT https://community.checkpoint.com/t5/DevSecOps/Shiftleft-CICD-Integration/m-p/216501#M134 StuartGreen 2024-06-05T11:55:40Z