Secure Projects with vulnerability scanning in Github
Get started with security vulnerability scanning and integrating that with Github, Github Actions and automated security checks in pull requests. Learn how to scan reported vulnerabilities in projects and Docker containers, so that you can publish images to Docker hub or merge pull requests while kn...
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | eBook |
| Language: | English |
| Published: |
[Erscheinungsort nicht ermittelbar], Boston, MA
Pragmatic AI Solutions, Safari
2021
|
| Edition: | 1st edition |
| Subjects: | |
| Online Access: | |
| Collection: | O'Reilly - Collection details see MPG.ReNa |
| Summary: | Get started with security vulnerability scanning and integrating that with Github, Github Actions and automated security checks in pull requests. Learn how to scan reported vulnerabilities in projects and Docker containers, so that you can publish images to Docker hub or merge pull requests while knowing that changes in dependencies are secure. Topics include: * Install and run locally a security vulnerability scanner * Catalog a project with an SBOM (Software Bill Of Materials) so that the scanner can do vulnerability matching. * Setup a Github Action to automatically scan vulnerabilities in a project and optionally fail a build to prevent a merge. * Scan a Docker container image that is built locally against the latest vulnerabilities, based on any CVE reported publicly |
|---|---|
| Item Description: | Online resource; Title from title screen (viewed February 25, 2021) |
| Physical Description: | 1 video file, circa 54 min. |