It’s no secret that running a DevSecOps pipeline typically requires significant resource investment, both time and money. This is especially problematic for open source projects and projects that simply do not have deep pockets. The good news is that DevSecOps doesn’t have to cost a lot! During this talk, we will demonstrate how to bootstrap a project with a full DSO pipeline, using only containers and free/open source tools. We will also demonstrate the excellent properties our approach has for security, scalability, and reproducibility across environments as the project grows in size.