Security as Code - A DevSecOps Approach
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore the concept of Security as Code (SaC) in this 37-minute conference talk from KubeCon + CloudNativeCon Europe. Learn how to implement security directly into CI/CD pipelines for continuous vulnerability detection. Discover the benefits of adopting SaC, including improved collaboration between Development and Security teams and fostering a security-focused organizational culture. Gain insights into implementing a successful DevSecOps culture by applying lessons learned from DevOps. Get introduced to CodeQL, a free language for open-source projects that enables coding security checks. Watch a demonstration on creating queries for identifying vulnerabilities and misconfigurations in CI/CD pipelines. Benefit from shared experiences and lessons learned from providing security advice to six open-source projects during free office hours.
Syllabus
Security as Code: A DevSecOps Approach - Xavier René-Corail, GitHub
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
CodeQL Roundtable: Leveraging Static Analysis for Bug BountiesBugcrowd via YouTube Discover Vulnerabilities with CodeQL
HackerOne via YouTube Event-based Fuzzing, Patch-based Research, and Comment Police - Finding Bugs Through a Bug
Black Hat via YouTube Protect Your Code with GitHub Security Features
GOTO Conferences via YouTube Security as Code - A DevSecOps Approach
NDC Conferences via YouTube