Security as Code - A DevSecOps Approach
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore the concept of Security as Code (SaC) in this 37-minute conference talk from KubeCon + CloudNativeCon Europe. Learn how to implement security directly into CI/CD pipelines for continuous vulnerability detection. Discover the benefits of adopting SaC, including improved collaboration between Development and Security teams and fostering a security-focused organizational culture. Gain insights into implementing a successful DevSecOps culture by applying lessons learned from DevOps. Get introduced to CodeQL, a free language for open-source projects that enables coding security checks. Watch a demonstration on creating queries for identifying vulnerabilities and misconfigurations in CI/CD pipelines. Benefit from shared experiences and lessons learned from providing security advice to six open-source projects during free office hours.
Syllabus
Security as Code: A DevSecOps Approach - Xavier René-Corail, GitHub
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
Building on Microsoft Sentinel PlatformMicrosoft via YouTube Securing Applications and Infrastructure on Kubernetes with Sysdig
Mirantis via YouTube Container Escape in 2021
Hack In The Box Security Conference via YouTube Running at Light Speed - Cloud Native Security Patterns
LASCON via YouTube Controlled Mayhem With Cloud Native Security Pipelines
OWASP Foundation via YouTube