Skip to Content
Secure Projects with vulnerability scanning in Github
video

Secure Projects with vulnerability scanning in Github

by Alfredo Deza, Noah Gift
February 2021
54m
English
Pragmatic AI Labs

Overview

Get started with security vulnerability scanning and integrating that with Github, Github Actions and automated security checks in pull requests.
Learn how to scan reported vulnerabilities in projects and Docker containers, so that you can publish images to Docker hub or merge pull requests while knowing that changes in dependencies are secure.
Topics include:
* Install and run locally a security vulnerability scanner
* Catalog a project with an SBOM (Software Bill Of Materials) so that the scanner can do vulnerability matching.
* Setup a Github Action to automatically scan vulnerabilities in a project and optionally fail a build to prevent a merge.
* Scan a Docker container image that is built locally against the latest vulnerabilities, based on any CVE reported publicly

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Hands-On Security in DevOps

Hands-On Security in DevOps

Tony Hsiang-Chih Hsu
Kubernetes Security: Attacking and Defending Kubernetes
Deploying containerized and serverless apps with Terraform
Security Superstream: Ransomware

Security Superstream: Ransomware

Chloé Messdaghi, Alissa Knight, Cynthia Brumfield, Edna Conway, Kellyn Wagner Ramsdell, Laurie Iacono

Publisher Resources

ISBN: 50107VIDEOPAIMLOtherOtherOther