all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Scanning and remediating vulnerabilities with Grype

Add to bookmarks
Aug. 19, 2023, 9:07 a.m. | Donald Sebastian Leung

DEV Community dev.to

Date: 2023-08-19


The source code for this lab exercise is available on GitHub.


Consider our typical DevSecOps CI/CD pipeline that triggers automated unit and integration testing, container image building, vulnerability scanning, image pushing and signing, all the way up to deploying to a properly secured production environment on every developer commit to a Git repository.



We've seen how to construct a complete DevOps CI/CD pipeline with GitHub Actions, how container image signing and verification can be achieved with …

automated cd pipeline code container containers developer devsecops environment exercise git github grype image integration lab microservices pipeline remediating vulnerabilities scanning security signing source code testing vulnerabilities vulnerability vulnerability scanning

Visit resource

More from dev.to / DEV Community

How to Get a Free Custom Domain 30 minutes ago | dev.to
article branding can custom +16
Rebuilding TensorFlow 2.8.4 on Ubuntu 22.04 to patch vulnerabilities 34 minutes ago | dev.to
ai amp context critical +17
Keyoxide Identity Proof an hour ago | dev.to
claim control dev fingerprint +5
Keyoxide/Ariadne Identity Verification 2 hours ago | dev.to
account control dev fingerprint +7
Unleash The Power of Azure: Creating A Linux VM with SSH keys Security. 3 hours ago | dev.to
access azure cloud cloudengineering +22
Use CloudFlare Workers and D1 to Create a Completely Free CRUD API 5 hours ago | dev.to
api backenddevelopment cdn cloud +24
IOT Raspberry Pi using Azure 6 hours ago | dev.to
above account azure azurefunctions +16
Build a password manager with Rust - Part 2 14 hours ago | dev.to
application article build can +13
Security Features in Push Protocol: Ensuring Safe Communication 15 hours ago | dev.to
applications blockchain communication dapps +13

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com