Securing Today’s Software-Development Pipelines
January 1, 2018Rapid7, Inc. Computer Science, 2017-18
Liaison(s): Corinne Druhan ’14, James Green, Bryan Trujillo ’15
Advisor(s): Elizabeth Sweedyk
Students(s): Zhenghan Zhang, Spencer Michaels, Eric Nguyen, Sarah Sedky
Our project aims to expand the capabilities of Rapid7’s security assessment platform by integrating the company’s newly-developed container assessment service into popular continuous integration tools, namely Jenkins, Bamboo, and Teamcity. Anyone developing a container with these tools can add our plugin to the build pipeline to check for vulnerabilities during each build. The plugin generates a detailed assessment report, and the user can configure rules to pass or fail the build depending on various criteria present in the assessment results.