Implementation of SAST, DAST and SCA code analysis in CI/CD, secrets detection, container analysis and IaC security analysis in SCMs such as Azure DevOps or GitHub.
Establish security automations in Python and Bash within an S-SDLC, setting Security Gates and Security Policies based on different standards, such as OWASP.
Integration of issues in vulnerability repositories such as Defect Dojo, following up on the correction of issues by implementing Security Champion programs.
© 2024 - Julian Fonticoba | Template: Kevin Gilbert