Client: Public Sector Portal (India)
Tools: Jenkins, SonarQube, AquaSec, Checkov, Fortify
Challenge:
Code deployments carried high security risk, and manual scans delayed go-live timelines.

Solution:

  • Designed a secure SDLC integrating SAST, DAST, and container image scanning
  • Enabled Jenkins pipelines with integrated SonarQube and Checkov
  • Used AquaSec to scan Docker images; enforced quality gates for promotion
  • Deployed signed artifacts to a secure Nexus repository
  • Integrated Slack and email-based alerting for security violations

Outcome:
Reduced security vulnerability exposure by 60%. Passed stringent compliance audits (CERT-In, OWASP Top 10).
