From the course: Cloud Security for DevSecOps Engineers: From Security Models to API Protection
IaC scanning basics
- [Instructor] When you deploy resources into the cloud using infrastructure as code, how can you ensure that your resources are indeed secured and hardened? You can achieve this by scanning your code. Let's dive into what IaC scanning means, its benefits, and some tools that you should be aware of. According to Olga from JetBrains, "Infrastructure as code scanning is the process of statically analyzing infrastructure configuration files such as Terraform, CloudFormation, and Kubernetes manifests to detect misconfigurations, security vulnerabilities, and policy violations before they are deployed." With IaC security scanning, there are some key benefits that I would like for you to remember. Number one, IaC scanning helps you prevent security risks by identifying security gaps within your infrastructure and providing recommendations on how to fix them. It also helps you reduce the amount of configuration errors or misconfigurations in your code. And lastly, IaC scanning tools help you…