YoVDO

Controlled Mayhem With Cloud Native Security Pipelines

Offered By: OWASP Foundation via YouTube

Tags

Conference Talks Courses Helm Courses Access Control Courses CI/CD Pipelines Courses Spinnaker Courses Container Security Courses Cloud-Native Security Courses

Course Description

Overview

Explore cloud native security pipelines in this 39-minute conference talk from the OWASP Foundation. Delve into the evolution from traditional to cloud native CI/CD pipelines, emphasizing fundamental security principles. Learn about Spinnaker, knowledge acquisition through testing, and security challenges in container orchestration systems. Examine access control issues, AWS EKS insecure defaults, and potential problems with Helm and Tiller. Gain insights on building Jenkins X extensions and avoiding common pitfalls in cloud native security implementations.

Syllabus

Intro
Jack Mannino
The Traditional CI/CD Pipeline
Cloud Native CI/CD Pipeline
Old School vs. New School
Focus on Fundamentals First
Spinnaker
Gleaning Knowledge via Testing
Security Challenges & Opportunities
Failure is Everywhere
Container & Orchestration Systems
Access Control for Subjects
AWS EKS Insecure Defaults
Helm, Tiller, and Problems
Don't Do Dumb Stuff
Building Jenkins X Extensions


Taught by

OWASP Foundation

Related Courses

Building Geospatial Apps on Postgres, PostGIS, & Citus at Large Scale
Microsoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube