Secure CI/CD with GitLab
01Threat-model your pipelinePoisoned deps, leaked runners, tampered artifacts.12 min02Protected branches, tags & environmentsWho can change and deploy what.12 min03Runner isolation & protected runnersKeep feature branches off production runners.14 min04CI/CD variables, masking & secret managersSecrets that do not leak into logs or forks.14 min
01SAST & code scanningFind bugs in your own source.12 min02Secret detectionCatch the committed key before main.10 min03Dependency scanning (SCA)The CVEs you inherited from your libraries.12 min04Container image scanningTrivy: report all, fail on critical.12 min05DAST & the scan pipelineTest the running app; wire it all together.12 min
Final exam
Test yourself on everything
50 questions drawn from all 5 sections — every answer explained as you pick.