►
From YouTube: Group Conversation March 8 2021 - Security Awards update
Description
Security Awards Program update by Philippe Lafoucrière, Distinguished Security Engineer. The leaderboards are now updated automatically via the project pipeline.
A
Hi,
this
is
philipp,
I'm
a
distinguished
security
engineer
at
git
lab
and
today
we're
going
to
talk
about
the
security
awareness
program.
So
the
security
awareness
program
is
a
program
that
we
just
launched
in
the
last
quarter,
and
the
goal
of
this
program
is
is
to
incentivize
security
initiatives
from
gitlab
members
and
the
community
to
serve
as
many
security
related
problems
as
possible.
A
Everyone
is
entitled
to
participate,
actually,
there's
nothing
to
do.
The
security
department
is
going
to
nominate
people
directly
using
some
labels
and
we
have
what
we
call
the
conceal
issue
where
we're
going
to
vote
for
the
best
initiatives
every
week
and
the
number
of
votes
is
going
to
determine
the
number
of
points
that
we're
going
to
give
away
to
the
participants
and
at
the
end
of
the
quarter,
the
winners
will
be
entitled
to
receive
some
nice
prices.
We
also
have
a
yearly
contest
that
just
started
this
year.
A
A
A
A
We
are
also
sending
some
congratulations.
Congratulations
message
here
from
the
gitlab
boat,
so
all
of
this
is
done
within
this
small
cli
program.
We
don't
have
any
service
running
as
of
today.
It's
only
a
cli
running
in
the
pipeline
and
to
give
you
an
idea
of
how
it
works.
This
is
the
typical
pipeline,
we're
building
the
wall,
a
program
or
building
a
docker
image
and
we're
using
this
docker
image
to
generate
the
leaderboards.
A
The
prices
page
validate
the
data
and
everything,
but
also
the
data
is
stored
within
the
repository
directory
in
flat
embl
file,
and
this
yaml
file
is
updated
directly
by
the
pipeline.
So
when
we
close
an
issue,
it's
going
to
update
the
dot
awards.cml
file
here
in
the
data
folder,
you
can
see
here.
The
difference
we
are
nominating
and
awarding
stephen
bronze
was
nominated
by
victor
de
souza
and
we
are
generating
this
this
entry
and
this
entry
is
going
to
generate
a
merge
request.
A
So
this
merge
request
here
is
exactly
what
we've
seen
here.
We
are
in
the
category
development.
We
have
four
different
categories
in
this
program.
We
have
development,
engineering,
non-engineering
and
community,
and
so
this
merge
request
is
requiring
the
approval
of
someone
in
the
absence
leadership
group
that
we
have
here
lawrence
hita
and
james
and
myself.
A
So
here
we
can
see
the
introduction
of
steve
abrams
domination,
with
the
300
points
that
we've
seen,
because
there
were
three
votes,
and
so
this
job
is
going
in
turn
to
generate
a
merge
request
in
the
handbook
by
the
gitlab
boat,
which
is
pretty
sweat,
straightforward.
It's
going
to
update
the
markdown
page,
it's
a
very
simple
way
to
display
the
the
ranking,
and
so
the
market
on
page
is
displayed
as
this
in
the
indian
book
directly.
There's
nothing
really
fancy
with
that.