Video description
Get started with security vulnerability scanning and integrating that with Github, Github Actions and automated security checks in pull requests.
Learn how to scan reported vulnerabilities in projects and Docker containers, so that you can publish images to Docker hub or merge pull requests while knowing that changes in dependencies are secure.
Topics include:
* Install and run locally a security vulnerability scanner
* Catalog a project with an SBOM (Software Bill Of Materials) so that the scanner can do vulnerability matching.
* Setup a Github Action to automatically scan vulnerabilities in a project and optionally fail a build to prevent a merge.
* Scan a Docker container image that is built locally against the latest vulnerabilities, based on any CVE reported publicly
Table of contents
Product information
- Title: Secure Projects with vulnerability scanning in Github
- Author(s):
- Release date: February 2021
- Publisher(s): Pragmatic AI Labs
- ISBN: 50107VIDEOPAIML
You might also like
video
Kubernetes Security: Attacking and Defending Kubernetes
Like many complex systems Kubernetes has historically been insecure by default, and contains a number of …
book
Hands-On Security in DevOps
Protect your organization's security at all levels by introducing the latest strategies for securing DevOps Key …
video
Web Application Hacking with Burp Suite
Burp Suite contains an array of penetration testing and vulnerability finder tools. It is mainly used …
book
Kubernetes Security and Observability
Securing, observing, and troubleshooting containerized workloads on Kubernetes can be daunting. It requires a range of …