YoVDO

Controlled Mayhem With Cloud Native Security Pipelines

Offered By: OWASP Foundation via YouTube

Tags

Conference Talks Courses Helm Courses Access Control Courses CI/CD Pipelines Courses Spinnaker Courses Container Security Courses Cloud-Native Security Courses

Course Description

Overview

Explore cloud native security pipelines in this 39-minute conference talk from the OWASP Foundation. Delve into the evolution from traditional to cloud native CI/CD pipelines, emphasizing fundamental security principles. Learn about Spinnaker, knowledge acquisition through testing, and security challenges in container orchestration systems. Examine access control issues, AWS EKS insecure defaults, and potential problems with Helm and Tiller. Gain insights on building Jenkins X extensions and avoiding common pitfalls in cloud native security implementations.

Syllabus

Intro
Jack Mannino
The Traditional CI/CD Pipeline
Cloud Native CI/CD Pipeline
Old School vs. New School
Focus on Fundamentals First
Spinnaker
Gleaning Knowledge via Testing
Security Challenges & Opportunities
Failure is Everywhere
Container & Orchestration Systems
Access Control for Subjects
AWS EKS Insecure Defaults
Helm, Tiller, and Problems
Don't Do Dumb Stuff
Building Jenkins X Extensions


Taught by

OWASP Foundation

Related Courses

Google Cloud CI/CD Pipelines (GCP DevOps Engineer Track Part 3)
A Cloud Guru Continuous Delivery Pipelines with Spinnaker and Kubernetes Engine
Google via Google Cloud Skills Boost Google Cloud Solutions I: Scaling Your Infrastructure
Google via Google Cloud Skills Boost Continuous Delivery Pipelines with Spinnaker and Kubernetes Engine
Google Cloud via Coursera Kubernetes: Continuous Delivery with Spinnaker
LinkedIn Learning