Secure and Defend Reading Checklist
General:
- Getting started with GitLab CI/CD
- GitLab CI/CD Examples
- Threads
- MRs
- Sec Department Vision & Growth
- Announcing GitLab for DevSecOps
- Results of Stakeholder Interviews for the Secure Stage
- Kubernetes Pods and Nodes
- GitLab University 1.2 and 2.3
Overview App Security:
Secure:
- SAST
- DAST
- Secret Detection
- IAST
- Fuzzing
- Dependency Scanning
- Container Scanning
- License Compliance
- Vulnerability Database (no official GitLab resource provided)
Defend (in the following order):
- WAF:
  - ModSecurity Reference Manual (Introduction - Core Rules Content)
  - ModSecurity FAQ
- Vulnerability Management:
- RASP:
- Threat Detection:
- UEBA:
- DLP:
- Storage Security:
- Container Network Security:
Edited by Becka Lippert