Tutorial: Integrating a custom security scanner with GitLab

Описание: GitLab is a DevSecOps platform or single integrated environment which provides all the tools necessary for Development, Security, and Operations. Additionally, GitLab is extensible, allowing you to integrate external applications to further enhance functionality.

This video will show you how to create and integrate a custom security scanner with GitLab. This scanner can scan your GitLab projects for Personal Identifiable Information (PII) based off of provided regex patterns. The scanner will then populate several areas of GitLab such as the merge request security widget, vulnerability report, security dashboard, and more. These integration points allow for reduced context switching and enhanced developer productivity.

OUTLINE:
0:00 - Introduction
0:28 - Extensibility Benefits
1:00 - Security Scanner Integration Points
1:24 - Creating a Custom Security Scanner in Go
8:12 - Running the Custom Security Scanner on a GitLab Project
9:53 - Security Pipeline Tab Integration
10:53 - Merge Request Security Widget Integration
11:55 - Security Policy Integration
12:29 - Vulnerability Report Integration
12:48 - Vulnerability Pages Integration
13:35 - Security Dashboard Integration
14:25 - Security Scanner Integration Flowchart
15:21 - Conclusion

USEFUL LINKS:
Custom scanner integration demo project: https://gitlab.com/gitlab-de/tutorial...
Integrating a custom scanner with GitLab documentation: https://docs.gitlab.com/ee/developmen...
GitLab integrations: https://docs.gitlab.com/ee/integration/
GitLab security report schemas: https://gitlab.com/gitlab-org/securit...
GitLab security and governance solutions: https://about.gitlab.com/solutions/se...
GitLab application security documentation: https://docs.gitlab.com/ee/user/appli...

Thanks for watching! Be sure to subscribe and follow @awkwardferny and @Gitlab on twitter for similar content.