DevSecOps The Ultimate Guide to DevSecOps Best Practices DevSecOps aims at integrating security inside the development process. It can be hard to know where to start. In this article, learn the best practices to implement DevSecOps in your engineering teams.
DevSecOps DevSecOps 101 Part 4: Scanning Docker Images With Trivy This last part of the DevSecOps 101 series shows you how to scan your Docker images using Trivy, an open-source security scanner to find misconfigurations and vulnerabilities.
DevSecOps DevSecOps 101 Part 3: Scanning Live Web Applications with Nuclei This article is part of a series about integrating security tooling in the development process. You can find the rest of the articles here: * Part 1: Detecting Insecure Dependencies (SCA) * Part 2: Detecting Insecure Source Code (SAST) Note: This tutorial is based on the repository resulting from part 2. If
DevSecOps DevSecOps 101 Part 2: Detecting Insecure Source Code 📡 In this tutorial, we will learn how to detect and fix vulnerable python code using semgrep.
DevSecOps DevSecOps 101 part 1: Detecting Insecure Dependencies (SCA) In this tutorial, we will learn how to detect and avoid vulnerable dependencies when developing applications, by taking a voluntary vulnerable python app as an example.
