Example use case: Securing a Django project

In this example, we show how the proactive shift-left vulnerability management feature works when a new package is added to a project.

About this task

When you add a new package, such as Django version 3.0.14 (a release line that is no longer supported by the Django project), the feature checks the package against known vulnerability data and posts alerts with a recommendation to move to a secure version. You can then act on the alert before the change is merged, reducing the window in which the vulnerable dependency is in your code base.

Procedure

  1. Adding a new package:

    When you add a new package, such as Django version 3.0.14, to your project's dependency manifest and open a pull request for the change, the check is triggered.

  2. Automated vulnerability detection:

    The Jenkins pipeline runs for the pull request, identifies the packages that the application depends on (including the newly added one), and sends the package names and versions to the Concert package advisory API.

  3. Vulnerability alerts and remediation:
    Once the Jenkins pipeline completes, the vulnerability alerts and remediation information appear directly in your GitHub pull request.
    Figure 1. GitHub output (screenshot of the pull request comment).
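The following Python script is an added example for this page, not Concert's or Jenkins's own code. It sketches the three steps of the procedure offline: it reads the base-branch and pull-request versions of a requirements file (both constructed here) to find the packages the pull request adds or re-pins, builds the lookup request for an advisory service, and renders the findings as the Markdown comment a pipeline would post to the pull request. The advisory endpoint (ADVISORY_URL), the request and response field names, and the single finding in SAMPLE_FINDINGS are assumptions made for the example; only the GitHub issue-comments endpoint is the real API, and the request to it is prepared but not sent.

```python
"""Added example: find packages a pull request introduces, prepare an advisory
lookup, and turn the findings into a pull-request comment. Not Concert's code."""
import json
import re
import urllib.request

# Assumed advisory endpoint; this is not the real Concert URL.
ADVISORY_URL = "https://concert.example.invalid/api/package-advisory"

# Matches "Name[extra]==1.2.3 ; marker" style pins; anything else is skipped.
_PIN_RE = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)(?:\[[^\]]*\])?\s*==\s*([^\s;#]+)")


def normalize_name(name: str) -> str:
    """PEP 503 normalization so Django, django and DJANGO compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()


def parse_requirements(text: str) -> dict[str, str]:
    """Return {normalized_name: version} for every '==' pin in a requirements file.
    Comments, blank lines, option lines (-r, --hash) and unpinned specifiers are
    ignored, because the advisory lookup needs an exact version."""
    pins = {}
    for line in text.splitlines():
        line = line.split(" #", 1)[0].strip()
        if not line or line.startswith(("#", "-")):
            continue
        m = _PIN_RE.match(line)
        if m:
            pins[normalize_name(m.group(1))] = m.group(2)
    return pins


def changed_packages(base: dict[str, str], head: dict[str, str]) -> dict[str, str]:
    """Packages the pull request adds or re-pins: the ones to check first."""
    return {n: v for n, v in head.items() if base.get(n) != v}


def build_advisory_request(packages: dict[str, str]) -> dict:
    """Body for the advisory lookup (assumed shape: ecosystem plus name/version list)."""
    return {"ecosystem": "pypi",
            "packages": [{"name": n, "version": v} for n, v in sorted(packages.items())]}


def format_pr_comment(findings: list[dict]) -> str:
    """Render advisory findings as the Markdown comment posted on the pull request."""
    if not findings:
        return "Package advisory: no known vulnerabilities in the changed packages."
    lines = ["Package advisory: action recommended", ""]
    for f in sorted(findings, key=lambda f: (f["name"], f["version"])):
        lines.append(f"- **{f['name']} {f['version']}** ({f['severity']}): "
                     f"{f['summary']}. {f['recommendation']}")
    lines += ["", "These findings are informational and do not block the build."]
    return "\n".join(lines)


def github_comment_request(owner: str, repo: str, pr_number: int,
                           body: str, token: str) -> urllib.request.Request:
    """Prepare the POST to GitHub's issue-comments API (a pull request is an issue
    there). The request is returned rather than sent so the example runs offline."""
    url = f"https://api.github.com/repos/{owner}/{repo}/issues/{pr_number}/comments"
    return urllib.request.Request(
        url, data=json.dumps({"body": body}).encode(), method="POST",
        headers={"Authorization": f"Bearer {token}",
                 "Accept": "application/vnd.github+json",
                 "Content-Type": "application/json"})


# Constructed requirements files: the base branch and the pull request head.
BASE_REQUIREMENTS = "# pinned dependencies\nrequests==2.31.0\ngunicorn==21.2.0\n"
HEAD_REQUIREMENTS = (BASE_REQUIREMENTS
                     + "Django==3.0.14  # added in this pull request\n"
                     + 'psycopg2-binary==2.9.9 ; python_version >= "3.8"\n')

# Constructed advisory response; field names are an assumption and the finding
# is illustrative, not a real advisory record.
SAMPLE_FINDINGS = [
    {"name": "django", "version": "3.0.14", "severity": "high",
     "summary": "constructed finding: this release line is no longer supported",
     "recommendation": "Upgrade to a currently supported Django release."},
]


def run_example() -> tuple[dict[str, str], dict, str]:
    """Steps 1 to 3 end to end on the constructed input."""
    changed = changed_packages(parse_requirements(BASE_REQUIREMENTS),
                               parse_requirements(HEAD_REQUIREMENTS))
    return changed, build_advisory_request(changed), format_pr_comment(SAMPLE_FINDINGS)


if __name__ == "__main__":
    changed, body, comment = run_example()
    print(json.dumps(body, indent=2))
    print(comment)
```

Diffing the two manifests rather than scanning only the head keeps the pull-request comment focused on what the change introduces; a pipeline that wants the full picture can send the whole head manifest in the same request shape.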

Results

These alerts and recommendations let you address security risks early, before the vulnerable dependency reaches the main branch. They are informative rather than intrusive: they do not block your builds or interrupt your development flow. Because the alerts are advisory only, acting on them remains the reviewer's responsibility; treat an alert on a newly added package as a request to change the pin before the pull request is merged.