Czech Television Case Study

Building Security-Driven Development & Resilient CI/CD with HackiHub

Industry: Media and Entertainment | Duration: 4 Key Projects | Focus: SSDLC & CI/CD

Project Stakeholder: Josef Bilek, IT security specialist, Czech Television

The Mission & The Impact

HackiHub collaborated with the customer on four focused DevSecOps initiatives, combining education, hands-on workshops, competitive security exercises, and deep technical CI/CD review.

The goal was clear:

Increase developers’ and DevOps teams’ security awareness and embed security as an integral part of modern software delivery.

Through bootcamps, live security exercises, and architecture reviews, HackiHub delivered

  • Concrete CI/CD pipeline designs
  • Tooling recommendations
  • Step-by-step implementation guidance
  • Tailored process design aligned with modern DevSecOps principles

The collaboration resulted in measurable improvements in security maturity and CI/CD resilience.

Operational Context

The customer operates in a modern software development environment with established DevOps practices. However, like many organizations transitioning toward mature DevSecOps, they faced key challenges

  • Security was not consistently integrated into CI/CD pipelines
  • Limited visibility into automated security checks
  • Need to improve SSDLC understanding across teams
  • Lack of structured approach to shift-left security
  • Desire to expose teams to real-world attacker perspectives

The organization sought a practical, technically grounded transformation rather than theoretical training.

The Challenge

Before engaging HackiHub, the primary challenges were

Security Awareness Gap

Developers and DevOps engineers required deeper understanding of

  • Secure Software Development Lifecycle (SSDLC)
  • OWASP Top 10
  • Real-world vulnerabilities and attack patterns
  • The hacker’s perspective

CI/CD Security Integration

  • Incomplete automation of security testing in pipelines
  • Missing structured SAST, SCA, and DAST integration
  • Limited pipeline resilience and validation gates
  • Need for architecture-level improvement of CI workflows

The organization recognized that security must become embedded into development and DevOps workflows, not treated as a separate afterthought.

The Strategic Roadmap

HackiHub delivered four targeted projects

Secure Development Bootcamp

Objective
Design, analyze, test, and program software safely in modern environments.

Core Topics:

  • Secure Software Development Lifecycle (SSDLC)
  • Shift-left security
  • SAST (Static Application Security Testing)
  • SCA (Software Composition Analysis)
  • DAST (Dynamic Application Security Testing)
  • OWASP Top 10
  • Secure coding patterns
  • Real-world breach case studies

This bootcamp aligned developers with modern secure engineering principles and gave them practical vulnerability analysis experience.

DevSecOps Bootcamp

Objective
Understand and implement secure CI/CD and automated security detection.

Focus Areas:

  • Secure CI/CD pipeline architecture
  • Automated security gates
  • Continuous delivery hardening
  • Resilient deployment workflows
  • Infrastructure security controls
  • Automated remediation strategies

Teams learned how to:

  • Integrate security tools directly into CI/CD pipelines
  • Automate vulnerability detection
  • Enforce policy checks
  • Design failure-safe deployment systems

Hactivity

Objective
Production bug hunting exercise in competitive team format.

Small teams competed to identify the highest number of security issues in a selected product.

This approach

  • Encouraged active learning
  • Promoted offensive security thinking
  • Reinforced secure coding principles
  • Created strong team engagement

It proved highly effective in transforming passive awareness into practical skill.

DevSecOps Review & Architecture Assessment

A comprehensive review of:

  • DevOps technology stack
  • Infrastructure security posture
  • CI workflows and jobs
  • Continuous delivery process
  • Security best practices compliance

Deliverables included:

  • Revised CI/CD architecture design
  • Identification of weak points in workflow structure
  • Security-focused pipeline hardening proposals
  • Structured roadmap for improvement

How We Worked Together

Collaboration was described as

Excellent, with highly active participation.

HackiHub worked in a workshop-driven format:

  • Interactive sessions
  • Live demonstrations
  • Practical labs
  • Architecture whiteboarding
  • Direct discussion with Dev and DevOps teams

The engagement was not lecture-based — it was hands-on and applied to the customer’s real environment.

Technical Uplift & Impact

The collaboration produced tangible outcomes

Concrete CI/CD Pipeline Design

  • Structured pipeline stages
  • Security validation gates
  • Automated scanning integration
  • Clear separation of build, test, scan, and deploy phases

Tooling Recommendations

Specific recommendations for:

  • SAST
  • SCA
  • DAST
  • Pipeline hardening tools
  • Infrastructure validation
  • Secret detection
  • Container security scanning

Step-by-Step Implementation Plan

  • Clear “getting started” roadmap
  • Maturity-based progression model
  • Prioritized actions
  • Low-friction adoption strategy

Individual Process Design

A comprehensive review of:

  • Tailored process adjustments
  • CI/CD optimization aligned with internal workflows
  • Practical implementation guidance

What Brought the Most Value

The most valuable element of the collaboration was

Design of CI/CD pipelines with integrated security controls

The ability to move from theory to a structured, secure, and resilient CI/CD architecture provided long-term impact beyond training. The customer stated

Absolutely recommended for all mentioned projects and for DevSecOps practices overall.

Strategic Impact

This engagement demonstrates that:

  • Security awareness must be experiential, not theoretical
  • CI/CD architecture is the backbone of DevSecOps maturity
  • Combining training + competition + review accelerates transformation
  • Practical pipeline design delivers lasting value
  • Providing concrete code samples and implementation-ready examples bridges the gap between theory and execution

HackiHub did not stop at recommendations. We supported the teams with:

  • Sample secure CI configurations
  • Example security job integrations (SAST, SCA, DAST, container scanning)
  • Reference pipeline stage structures
  • Secure coding examples aligned with OWASP guidance
  • Practical remediation code snippets

This significantly reduced adoption friction and enabled teams to:

  • Immediately apply improvements
  • Refactor existing CI workflows safely
  • Implement security checks with confidence
  • Standardize secure patterns across projects

The result was not only improved awareness — but actionable technical uplift.

Scroll to Top