Mujahid A.

End to End CI/CD Pipeline in DevSecOps: Role: DevOps Engineer Tools: SonarQube, OWASP Dependency-Check, Trivy, Docker, Jenkins. Duration: January 2024 - March 2024 • Designed and implemented a comprehensive CI/CD pipeline to automate the security-focused build, test, and deployment procedures. • Configured Jenkins for managing the pipeline, integrating with SonarQube for static code analysis, and OWASP Dependency-Check for weakness scanning of project dependencies. • Containerized Applications using Docker, create and manage Dockerfiles for different services. • integrated Trivy for vulnerability scanning of Docker images, ensuring secure deployments. • Automated deployment to staging and production environment with seamless pipeline execution and automated notification on build status. • Achieved improved code quality and security posture through regular continuous integration and vulnerability assessments.