YoVDO

Controlled Mayhem With Cloud Native Security Pipelines

Offered By: OWASP Foundation via YouTube

Tags

Conference Talks Courses Helm Courses Access Control Courses CI/CD Pipelines Courses Spinnaker Courses Container Security Courses Cloud-Native Security Courses

Course Description

Overview

Explore cloud native security pipelines in this 39-minute conference talk from the OWASP Foundation. Delve into the evolution from traditional to cloud native CI/CD pipelines, emphasizing fundamental security principles. Learn about Spinnaker, knowledge acquisition through testing, and security challenges in container orchestration systems. Examine access control issues, AWS EKS insecure defaults, and potential problems with Helm and Tiller. Gain insights on building Jenkins X extensions and avoiding common pitfalls in cloud native security implementations.

Syllabus

Intro
Jack Mannino
The Traditional CI/CD Pipeline
Cloud Native CI/CD Pipeline
Old School vs. New School
Focus on Fundamentals First
Spinnaker
Gleaning Knowledge via Testing
Security Challenges & Opportunities
Failure is Everywhere
Container & Orchestration Systems
Access Control for Subjects
AWS EKS Insecure Defaults
Helm, Tiller, and Problems
Don't Do Dumb Stuff
Building Jenkins X Extensions


Taught by

OWASP Foundation

Related Courses

Learn DevOps: Advanced Kubernetes Usage
Udemy Containers 101
Udemy Packaging Applications with Helm for Kubernetes
Pluralsight Azure for DevOps: Application Infrastructure
LinkedIn Learning Kubernetes: Native Tools
LinkedIn Learning