Resilient has developed a new GitLab security integration. The Resilient job will help you reduce patching efforts so that you can code faster and more efficiently. In this video, I'll show you how to integrate the Resilient job into your GitLab CI/CD pipeline.

Now let's add Resilient to our GitLab CI/CD pipeline. We can do this by including the local file Resilient_validate.yaml. We also need to add a few variables, such as the license key, the scanner, and the Docker image. Here I'm defining the scanner variable as GitLab Trivy, which tells Resilient to pull vulnerabilities from GitLab Trivy scanner. The Docker image parameter is optional and is used if we want Resilient to only run on a specific Docker image. Next, we add a before script and artifacts on the job we want Resilient to run on.

Now let's take a look at a pipeline running Resilient. We can click on the completed job and browse the artifacts. And here we see three files.

In the SBOM HTML, we have a table containing the software bill of materials. This provides us with package name, version, type, as well as loaded files and state.

In the Vulnerable Components HTML, we see all the software components detected as well as the vulnerabilities associated with them. The table provides the package name, its version, type, what its severity is, as well as its state, and evidence showing that the vulnerability is actually occurring. When clicking on a specific component, a pop-up will appear with all the vulnerabilities associated with that component. This includes a link to the CVE, a detailed description, and the severity of the vulnerability. We can use the search box in order to filter components. Here I'm filtering by exploitable components, which shows components which have been loaded into memory and are exploitable.

In the Validated Vulnerabilities HTML file, we see all the vulnerabilities that were validated by the scanner. This includes a link to the CVE, the severity of the vulnerability, a detailed description, as well as if the vulnerability is exploitable or unexploitable. We can sort by state in order to have developers only work on exploitable vulnerabilities.

Now let's take a look at GitLab's vulnerability report. The vulnerability report provides information about vulnerabilities from scans on the default branch. The vulnerability report provides totals of vulnerabilities per severity level, filters for common vulnerability attributes, such as status, severity, tool, and activity, as well as details of each vulnerability presented in a tabular layout. The Resilient Scanner will populate the Activity tab with a false positive icon if any unexploitable vulnerabilities are detected. You can take action and dismiss an unexploitable vulnerability. When clicking on a vulnerability, you'll have detailed information on that vulnerability and you can also create a confidential issue in order to collaborate with others without alerting malicious actors.