Feb 18
Loading video player...
Title: Shift-Left Security in Practice with Gitlab Speaker(s): Rashi Chaubal --- Security is no longer something to “add at the end.” In modern DevOps, teams must embed security checks early and automatically — the essence of “shift-left security.” In this session, we’ll explore how to implement practical, automated security testing in CI/CD pipelines using open tools that are natively integrated in gitlab, with GitLab CI/CD as an example platform. We’ll demonstrate how to integrated open-source scanners like Semgrep, and OWASP ZAP work under the hood — all without needing enterprise licenses. The focus will be on principles and workflow design: where to start, how to keep pipelines fast, and how to give developers actionable feedback. Attendees will leave with a ready-to-use blueprint to implement shift-left security in their own environments. This talk is for developers, DevOps engineers, and security practitioners who want to make security a seamless, automated part of delivery — not a late-stage blocker. --- Full schedule, including slides and other resources: https://pretalx.devconf.info/devconf-in-2026/schedule/