From YouTube: Spikes for Security Orchestration Policy: how to enforce having given scan in your pipeline
Description
In this video we are going through some spikes related to Security Orchestration Policy, and we are presenting the current state of the work and the general idea of how this could be implemented on the backend side.
This part of the video shows changes made in https://gitlab.com/gitlab-org/gitlab/-/merge_requests/52661/diffs?commit_id=e3cab09feb477f68688ee28db81592886e168053
A
Hello, everyone. My name is Alan Persiuski, senior pickens engineer for threat management. I'd like to talk to you shortly about having security orchestration policies within a YAML repository, and I'd like to show you something that's working, and we're going to improve that. Okay. So here we are: we have a simple project, that's a Rails project, and currently it is not configured to have the security orchestration policies. Okay, I'm gonna run the pipeline now, and this pipeline... I'll just go quickly to our CI YAML file.
A
So, as you can see, currently it was disabled. All right, so I'll enable that. So one thing to mention: because we don't have UI yet for it, I already connected this project with policies, so this repository policies with the project that I'm using to test it. Okay, so I'm going to enable it. Okay, SAST is enabled right now. All right, now I can go back to pipelines. It'll trigger the pipeline again.
A
Okay, so I'm running it for master. I want to emphasize one thing: here I selected that I'm gonna run the pipeline for this branch, and we're using a wildcard here. So, whatever branch we have, it'll run and actually scan SAST. Okay, now I'll go back to the secret detection and I'll enable it in a minute, but first we need to take a look at the pipeline view and see if, indeed, we have included SAST scans into our pipeline.
A
Okay, it's enabled, and I will go back and I'll trigger a new pipeline, and I will see if secret detection was added or not. So I know that MVC and apex, and so on. We are all informing about we'll first include tasks, because I don't want to configure my cluster true to actually deploy the application as fast.
A
I wanted to quickly show you the idea that stays behind it. I'll be preparing dmr with MVC, just to show you the code, because there's only a few lines of code that was changed due to have that, so I'll include that in the link in the description of this video. But let's first take a look if we have the secret detection. Yes, yes, we have it. Okay, so that would be it. Thank you, everyone.