Injecting Security and Compliance Into Your CI/CD pipeline with Vault and GCP

Automate compliance and security scans along with secrets management into your development and delivery workflow.


In security circles, you'll often hear talk of "shift-left" mindsets. More security responsibility and mitigation is moving into the hands of developers and architects (system design). To support that shift, tools are beginning to catch up with new security paradigms and allow teams to implement security as code and secure development / delivery lifecycles.

In this presentation at the Google Cloud digital conference, Senior HashiCorp Solutions Engineer Ryan Hall will walk through a demo of several tools and services that teams can use to secure their CI/CD pipeline and build automated security compliance into their coding and container deployment workflows.

This talk will cover: - How container security is different - What container security often looks like - How container security should look - Solutions: - HashiCorp Vault - Container registry vulnerability scanning - Binary authorization by Google Cloud - Q&A

More resources like this one

  • 2/3/2023
  • Case Study

Automating Multi-Cloud, Multi-Region Vault for Teams and Landing Zones

  • 1/5/2023
  • Case Study

How Discover Manages 2000+ Terraform Enterprise Workspaces

  • 12/13/2022
  • White Paper

A Field Guide to Zero Trust Security in the Public Sector

  • 9/26/2022
  • Case Study

How Deutsche Bank onboarded to Google Cloud w/ Terraform