cotalks.dev
Orgs
Login
Secure Stage
Channel:
GitLab Unfiltered
Videos (198)
1 — VS Code security findings demo
2 — Generate SBOM in Container Scanning for Trivy-based analyzers
3 — Webinar - Secure - Implementing Security Scans and Dashboards
4 — Secure/Create Sync on VS Code Extension
5 — Threat Insights Weekly Group Discussion
6 — 2020-04-02 Dependency Scanning Offline environment demo for JS projects with npm
7 — License Compliance Air Gap Live Demo 2020 03 25
8 — sast air gap live demo 2020 03 20
9 — Demo of SAST in an Air-gapped/offline environment
10 — GitLab 13.3 Kickoff - Secure:Threat Insights
11 — GitLab 12.8 Kickoff - Secure:Dynamic Analysis
12 — Secure & Defend Monthly Release Kickoff - 13.5
13 — DAST Policy Sync
14 — Threat Insights weekly group discussion 2021-03-02
15 — Planning Discussion: Generic Security Reports
16 — GitLab 12.8 Kickoff - Secure:Static Analysis
17 — Walkthrough for MR: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/35624
18 — Secure & Defend Section Group Conversation 2020-05-05
19 — Secure & Defend Section Group Conversation Presentation Preview: June 2020
20 — Secure & Defend Group Conversation Preview: 2020-09-17
21 — Url sync component meeting
22 — Defend - Kubernetes WAF Enablement MVC demo
23 — GitLab Vulnerability Management / Jira integration
24 — Vulnerability Management feature and workflow walkthrough
25 — Container Scanning Transition Sync Session
26 — Dogfooding License Approval Policies
27 — Sec PM / Security Department Monthly Sync Up - April 2022
28 — Sync on displaying application vulnerability detected by container scanning
29 — 12 4 Kickoff for Secure Software Composition Analysis
30 — GitLab 13.1 Kickoff - Secure:Composition Analysis
31 — Why to use GitLab with Terraform Cloud
32 — Fuzzing Artifacts Download Demo - Merge request page and pipeline download page.
33 — Corpus Management Demo Part 1
34 — Corpus Management Proof of Concept - Apollo Client Demo
35 — API Fuzzing Request/Response data overview
36 — Demo !27058 /Change license classification dropdown selection to `deny` and `allow` in policy tab UI
37 — WIP: Dependency Scanning Airgap demo - Retire.JS Analyzer
38 — Overview of troubleshooting MR widget for MR from forked repo.
39 — How project fingerprint is used in Gitlab backend
40 — Session prep review: container scanning related UX
41 — Container Scanning Autoremediation Demo
42 — BrownBag: Generic Security Reports
43 — Brown Bag: Generic Semantic Version Matching
44 — Secure: Composition Analysis Lunch n Learn - What are the different Application Security Tests (AST)
45 — 2020.03.16 - Secure Brainstorming
46 — Secure & Defend Section Group Conversation Preview: 2020-08-06
47 — Secure Section Group Conversation (Public Livestream)
48 — Secure Group Conversation
49 — UX Showcase - DAST scan site validation
50 — UX Showcase: License Compliance
51 — Secure Section - Brown bag on the secure Data Model
52 — Discovery conclusion and UX review: auto-remediation MVC
53 — UX iteration review: auto-remediation MVC
54 — Secure UX review: license compliance policy discovery
55 — Group UX Review: Security Dashboard
56 — Secure::Software Composition Analysis Group - features overview
57 — secure UX: front-end updates to auto-create merge request MVC
58 — Secure UX: security approval rules recommendations
59 — Secure UX, ideation: introduce group license compliance
60 — Secure UX: iteration on DAST & Container scanning configuration
61 — Baseline Experience: Security Dashboard
62 — Baseline Walkthrough: License Management
63 — Secure UX iteration review: license compliance, displaying policy violations
64 — Secure UX iteration review: dependency list
65 — Secure UX iteration review: user awareness when solutions are available in merge request
66 — UX Scorecard for Security What is Day 1 Experience for people to use Security feature
67 — Baseline Experience Recommendation (part 2): Security Dashboard
68 — Secure UX, ideation review: show dependency path in the dependency list
69 — Group UX Feedback: Day I and setup UX for Secure features
70 — Secure UX iteration review: align license classifications to user expectations
71 — Secure UX: ideation on getting feedback from user prompted in UI
72 — Secure UX, discovery kickoff: security bot member
73 — 2023 Development Team Days - Dynamic Analysis
74 — License-DB metrics and logs architecture for Reliability
75 — Sec Section Strategy Review Q&A - November 2023
76 — Secure::Composition Analysis - Continuous Vulnerability Scanning for Dependency Scanning Demo
77 — Dependency Scanning - Workaround for monorepo
78 — Demo of OCS vulnerability scan using Trivy K8s cli
79 — Secure Stage Strategy Review - November 2023
80 — Automatic response to leaked credentials on all public branches (demo) – GitLab 15.11
81 — GitLab SAST Automatically resolving SAST findings Demo
82 — Demo: Automatic revocation of leaked Personal Access Tokens
83 — Secure Stage Strategy Review - December 2022
84 — Sec Section Strategy Review - September 2022
85 — Async PM Update for Composition Analysis Group Meeting 2022-06-13
86 — GitLab SAST Specifying a remote ruleset configuration Demo
87 — April 2023 Secure Stage Strategy Q&A
88 — Secure Stage Strategy Review: 2021-09
89 — CI Component Catalog Q&A with Secure and Verify
90 — Secure Stage Strategy Review - April 2023
91 — Secure:Threat Insights - Weekly group discussion 2022-01-18
92 — Secure:Composition Analysis Dependency List Example
93 — Secure:Threat Insights weekly group discussion 2021-11-23
94 — Secure Software Composition Analysis issue 321081 2021-07-05
95 — Secure & Protect Stage Weekly Meeting June 2 2021 EMEA/AMER Friendly
96 — Secure Composition Analysis Group 2022 Product Manager Thoughts
97 — Secure & Protect Stage Weekly Meeting May 26 2021 AMER/EMEA Friendly
98 — Secure Stage - Compatibility between analyzers and backend
99 — Secure:Threat Insights group discussion 2021-04-06
100 — Testing the user experience with DAST aggregate vulnerabilities
101 — Growth team & Sec Section brainstorming
102 — Iteration Retro 14.5 - Secure:Composition Analysis
103 — Secure:Threat Insights - Weekly Group Discussion 2021-10-13
104 — Coffee Chat about the Protect Stage Development Process
105 — Secure:Threat Insights group discussion 2021-07-20
106 — Secure & Protect Stage Weekly Meeting June 16 2021 EMEA/AMER Friendly
107 — Sec PM / Security Department Monthly Sync Up - June 2021
108 — Dynamic Application Security Testing (DAST) applied to WebGoat
109 — Secure & Protect Stage Weekly Meeting June 23 2021
110 — Secure & Protect Stage Weekly Meeting June 9 2021 EMEA/AMER Friendly
111 — Composition Analysis Show & Tell 2021-04-29 - Criticality and Risk Scores
112 — Secure:Threat Insights group discussion 2021-03-30
113 — Secure:Threat Insights group discussion 2021-04-13
114 — Secure discussion - Consistency in default behaviour of AST scanners and jobs
115 — Browserker Authentication Demo
116 — Secure Stage Strategy Quarterly Review Pre-Record: 2021-03
117 — Secure::Dynamic Analysis weekly meeting for 2021-03-02
118 — Threat Insights - Weekly group discussion APAC, 2021-02-16
119 — Secure::Static Analysis weekly team meeting for 2021.02.08
120 — Secure::Static Analysis weekly meeting for 2020.10.26
121 — Secure::Static Analysis weekly meeting for 2021.01.25
122 — Secure::Static Analysis weekly meeting for 2021.01.11
123 — Secure::Static Analysis weekly meeting for 2021.01.04
124 — Secure::Static Analysis weekly meeting for 2020.12.14
125 — Secure::Static Analysis weekly meeting for 2020.12.07
126 — Secure::Static Analysis weekly meeting for 2020.11.16
127 — Secure::Static Analysis weekly meeting for 2020.11.09
128 — Secure::Static Analysis weekly meeting for 2020.11.02
129 — Secure::Static Analysis weekly meeting for 2020.10.19
130 — Secure::Static Analysis weekly meeting for 2020.11.30
131 — GitLab SAST Customize Rulesets Demo
132 — Secure Stage Strategy Quarterly Review: 2020-12-09
133 — Secure Brainstorming - Splitting Analyzers Common
134 — Sec PM / Security Department Monthly Sync Up
135 — Secure: Threat Insights Weekly Group Discussion 2020-10-06
136 — 2020.09.28 - Secure::Static Analysis team meeting
137 — Secure 13.4 retro conversation - APAC
138 — CVE ID Request Button Background & Explanation
139 — On-demand DAST scan issue walk-through
140 — Secure workgroup on splitting build and analyze in the pipeline, July 15th, 2019
141 — Secure Team: Group-level Security Dashboard - Part II
142 — 2020.05.06 - SAST to Complete working session 2
143 — Secure Composition Analysis - Discussing Dependency Scanning - Viable to Complete
144 — Discussion on why we need stable Vulnerability Finding IDs
145 — 2020.09.08 - Secure::Static Analysis team meeting
146 — 2020.08.31 - Secure::Static Analysis team meeting
147 — Secure 13.4 retro conversation - EMEA and NA
148 — How we can add dependency path to Dependency list page - sync call
149 — Security pitch guidance with new deck August 2020
150 — GitLab License Scanning - OSS Review Toolkit
151 — How to use the SECURE_ANALYZERS_PREFIX variable
152 — Secure Brainstorming - Security Report Schema revision handling - 2020-06-23
153 — Demoing GitLab Security features Offline/Limited Connectivity Environments
154 — dast-benchmark Details and Workflow
155 — Bitwise (ish) flags in security reports
156 — Secure UX issue: show on group security dashboard when security tests are not configured
157 — DAST to Complete Working Session 1
158 — 2020.05.11 - Secure::Static Analysis weekly group meeting
159 — Secure: Composition Analysis - Brain storm - Software Bill of Materials - SBoM
160 — Secure, Defend and Compliance - What is everyone thinking for the future of Policies?
161 — Types of DAST scans
162 — Walkthrough of DAST
163 — Secure workgroup on splitting build and analyze in the pipeline
164 — Secure Product Brainstorm - Dependency and License list overlap
165 — The Docker-in-Docker requirement for Security features
166 — GitLab 11.7 Retrospective - Secure
167 — Secure Stage Update - February, 2019
168 — Preview of Security Dashboard at the Group level
169 — Secure Team: Group-level Security Dashboard - Part I
170 — 2020.05.05 - SAST to Complete working session #1
171 — Discussion about asynchronous scanning jobs
172 — Jenkins CI triggering GitLab Security Scans on Success - Demo
173 — Secure Backlog Refinement Office Hours 2020-04-16
174 — Secure Brainstorming - x-y-stable image tagging and pinning to minor versions
175 — A demo of running DAST in air-gapped environment
176 — Brown Bag on Split build/scan PoC
177 — 2020.03.03 - Secure brainstorming
178 — GitLab Secure Stage Overview
179 — 2020-01-21 - Walkthrough of semi-automated advisory generation with adbcurate
180 — Dynamic Application Security Testing (DAST) - How Ajax spidering works
181 — 2019-10-16 Row-level locks for Create Vulnerability API call
182 — 2019.07.08 - Weekly Secure::Static and Dynamic Analysis team meeting
183 — 2020.02.27 - Brown Bag: Hands on Constraint Solving
184 — Secure multi project pipeline integration for analyzers
185 — Automated Advisory Generation Demo
186 — 2019.08.12 - Weekly Secure::Static And Dynamic Analysis group meeting
187 — Secure Team scheduling for 11.8
188 — Walk through of GitLab's APEX Static Application Security Testing (SAST) for Salesforce Development
189 — 2019-08-13 Secure Group: Migrating reports from frontend to backend
190 — 2019.08.12 - Weekly Secure stage meeting
191 — Secure Brown Bag Sessions: Rails Policies and Permissions
192 — Secure Brown Bag Sessions: Security Approvals Backend Implementation
193 — 2019.08.05 - weekly secure stage meeting
194 — 2019.07.15 - Weekly Secure::Static and Dynamic Analysis team meeting
195 — 2019.06.24 - Secure Section - 12.0 retrospective
196 — 2019.06.24 - Secure::Static and Dynamic Analysis weekly team meeting
197 — Bill of Materials brainstorming
198 — How to recognize vulnerabilities between commits
