ivanmar
Employee Alumnus

Shiftleft CICD Integration

In this post, we are going to show how to integrate Shiftleft into a modern CI/CD orchestrator like Gitlab. We will take the perspective of an application developer who integrates Shiftleft blades into the CI/CD pipeline and leverages Shiftleft information to start solving vulnerabilities detected in the code, in the container image that the pipeline builds, and in an infrastructure project that uses Terraform.

The following is a short description of Shiftleft modules also known as blades:

  • code-scan: Using as input a directory that contains a Git repository, Shiftleft will scan it for vulnerabilities, weak coding practices, sensitive content, and malicious files, among other categories.
  • image-scan: Using as input a container image, compressed into a file, this blade will apply all the capabilities already provided by code-scan and will add on top of that the scanning of OS-level packages included in the container image.
  • iac-assessment: In combination with CloudGuard, Infrastructure as code assessment allows users to apply policies to their Terraform projects. Those rules are defined using the CloudGuard Governance Specification Language (GSL), a high-level, human-friendly language.
2 Replies
Daniel_Kavan
Advisor

Can Shiftleft be used for on-premise security or just cloud? We are using Kubernetes & podman on premise.

0 Kudos
StuartGreen
Employee

Yes, if you're running a locally hosted solution like Gitlab or Jenkins it can work there too - you just need to authenticate it against your CloudGuard solution.

0 Kudos