Security Overview

The project is for educational purposes. These are the instructions for the upcoming demonstration. It requires about 6–8 hours of work to integrate, run, and accomplish these steps with our current tooling.

Setup

  • Fork the insecure-bank-corp with all branches
  • Read the project documentation
  • Verify everything works
  • Run make all from the Makefile

Scenario

Please take a look at each of the following six (6) scenarios.

  1. SDLC Bad Practices
  2. Dependency Vulnerabilities
  3. Exemption & Waivers
  4. Code Vulnerabilities
  5. Container Vulnerabilities
  6. SBOM Generation

If required, use the Branches Pipeline to implement any workflow steps.

And everything in between

  • Showcases whatever you wish to highlight during the demonstration
  • Highlights shift-left capabilities as much as possible (recommended)
  • Allocates the available time to the scenarios you can present; if you cannot demonstrate a scenario
  • Ignores all hardcoded or leaked credentials; GitGuardian will take care of them