CI/CD pipelines play a critical role in accelerating software delivery and driving rapid innovation. However, the rapid pace of these environments comes with an equally heightened risk of security missteps, requiring a new set of security best practices to ensure CI/CD integrity. While scanning images for known vulnerabilities remains a cornerstone of CI/CD security, it should be just one of many security initiatives implemented in your pipeline to protect your application.

Join us in this fireside chat, as we delve into some of the key considerations and best practices when securing your CI/CD pipelines in cloud-native environments.
  • Common CI/CD threats and the attack surface, including insecure code, poisoned pipeline execution, exposed secrets, use of third-party services, and more
  • Best practices to harden your environment, covering authentication and access control; dev environment best practices, such as keeping tools, software, and OS up to date; and development best practices, including embedding security scanning into the CI/CD pipeline, generating SBOMs, and more
Jesse Davis
Moderator, Chief Technologist, DZone
As the Chief Technologist @ DZone, Jesse is responsible for guiding the strategic direction of products and helping customers build the world’s largest, most engaging developer communities for companies like Disney, Amazon, SAP, Pixar, and Unity. Jesse has been building enterprise software and engineering teams for 25 years and is a respected executive, author, speaker, and coach. Jesse serves as a software industry advisor and, prior to Devada, Jesse developed the first data access for Java and served as an expert and innovator on industry data standards including JDBC, ODBC, and ANSI SQL.
Burr Sutter
Chief Developer Evangelist, Red Hat
A lifelong developer advocate, community organizer and technology evangelist, Burr Sutter is a featured speaker at technology events around the globe. A Java Champion since 2005 and former president of the Atlanta Java User Group, Burr founded the DevNexus conference to make access to the world’s leading developers affordable to the developer community.
Ix-chel Ruiz
Developer Advocate, JFrog
Ix-chel Ruiz has developed software applications & tools since 2000. Her research interests include Java, dynamic languages, client-side technologies and testing. Java Champion, Oracle ACE Pro, Testcontainers Community Champion, CDF Ambassador, Hackergarten enthusiast, Open Source advocate, public speaker and mentor.