From the course: Application Security Posture Management: Security from the Supply Chain to Cloud Runtime
Secure software development lifecycle (SSDLC)
- Now that we understand how containers get built and the challenges associated with it, let's talk about securing Git repos themselves. Your developer workflows themselves introduce a lot of potential risk into deploying insecure code if the proper settings aren't in place. Let's be honest, like most people, developers will often push code in the fastest and easiest way that they're allowed to. However, because of evolving compliance requirements, even smaller organizations are needing to demonstrate that they have policies and approvals in place when they push code changes. While this amount of oversight might seem daunting, there are actually just a few settings to check in your source code management tool that help you get 90% of the way there. Earlier in the course, we opened our first pull request so that we can understand developer workflows. So now if you have a repository that you've either created or in your organization that you have administrative access to, you can follow…
Contents
- Challenges with securing supply chains (4m 26s)
- Secure software development lifecycle (SSDLC) (5m 27s)
- Container vulnerability scanning (5m 46s)
- Securing DevOps runners (3m 18s)
- Approaches to container scanning (2m 28s)
- Challenge: Compare container base images (56s)
- Solution: Compare container base images (2m 40s)