From the course: Application Security Posture Management: Security from the Supply Chain to Cloud Runtime

Challenges with securing supply chains

- [Presenter] Earlier, we talked in depth about all of the places you can scan code for vulnerabilities. Now we're going to take a deep dive into container scanning. To overly simplify, a container is like a snapshot of a virtual machine. It's like a small server of everything you need to run your application. Containers are the frontier of modern web development, and unfortunately, security teams have been slower to define best practices and fully realize how they've changed the nature of security. We're going to start by discussing how containers radically alter security by emphasizing the importance of what's called the software supply chain. Back when we did our SBOM scan, we saw that the container was where thousands of packages get installed and are used to run our application. In the Windows world, the supply chain was both less and more of an issue. It was less of an issue because there was only one supplier of most of the infrastructure, Microsoft, but it was also more of an…
