DevSecOps Pipeline with GitLab with

This hands-on session is tailored for developers, DevOps engineers, or security professionals who want to design and implement a secure CI/CD pipeline using GitLab CI.

We'll cover:

-Designing secure GitLab pipelines with .gitlab-ci.yml

-Integrating SAST, SCA, DAST, secret detection, and container scanning
-Automating security gates to block vulnerable code from merging
-Managing security policies, approvals, and compliance reporting
-Generating and managing SBOMs within GitLab pipelines

Best practices for using GitLab’s built-in security features vs. external tools (e.g., Coverity, BlackDuck)

Bring your own project or use a guided template to get started.

I’m Najib Radzuan, a DevOps/DevSecOps Architect with over 16 years of hands-on experience helping individuals and organizations adopt secure and scalable engineering practices. I’ve served in diverse roles—from developer to DevOps engineer to solution manager—across cloud and on-prem environments.

My passion lies in mentoring professionals in career transformation, especially those transitioning into DevOps and DevSecOps roles. I provide practical, real-time guidance in CI/CD, infrastructure as code, and secure software delivery.

I’m well-versed in tools and platforms like Azure, AWS, Alibaba Cloud, Terraform, Ansible, and Git-based automation. Whether you're building your first pipeline or need enterprise-level architecture advice, I’m here to help you upskill, gain confidence, and succeed.

Let’s bridge the gap between where you are and where you want to be in your DevSecOps journey.