YoVDO

Controlled Mayhem With Cloud Native Security Pipelines

Offered By: OWASP Foundation via YouTube

Tags

Conference Talks Courses Helm Courses Access Control Courses CI/CD Pipelines Courses Spinnaker Courses Container Security Courses Cloud-Native Security Courses

Course Description

Overview

Explore cloud native security pipelines in this 39-minute conference talk from the OWASP Foundation. Delve into the evolution from traditional to cloud native CI/CD pipelines, emphasizing fundamental security principles. Learn about Spinnaker, knowledge acquisition through testing, and security challenges in container orchestration systems. Examine access control issues, AWS EKS insecure defaults, and potential problems with Helm and Tiller. Gain insights on building Jenkins X extensions and avoiding common pitfalls in cloud native security implementations.

Syllabus

Intro
Jack Mannino
The Traditional CI/CD Pipeline
Cloud Native CI/CD Pipeline
Old School vs. New School
Focus on Fundamentals First
Spinnaker
Gleaning Knowledge via Testing
Security Challenges & Opportunities
Failure is Everywhere
Container & Orchestration Systems
Access Control for Subjects
AWS EKS Insecure Defaults
Helm, Tiller, and Problems
Don't Do Dumb Stuff
Building Jenkins X Extensions


Taught by

OWASP Foundation

Related Courses

Building on Microsoft Sentinel Platform
Microsoft via YouTube Securing Applications and Infrastructure on Kubernetes with Sysdig
Mirantis via YouTube Container Escape in 2021
Hack In The Box Security Conference via YouTube Running at Light Speed - Cloud Native Security Patterns
LASCON via YouTube Running at Light Speed - Cloud Native Security Patterns
OWASP Foundation via YouTube