all InfoSec news
Evaluating and securing your Kubernetes infrastructure with kube-bench
DEV Community dev.to
Date: 2023-08-25
In the past few articles, we saw how to construct a complete DevOps pipeline with GitHub Actions and integrate security-oriented tools such as Grype, Sigstore Cosign and policy-controller into our pipeline to implement an end-to-end DevSecOps workflow providing a comprehensive level of protection for our applications:
- Implementing continuous delivery pipelines with GitHub Actions
- Scanning and remediating vulnerabilities with Grype
- Securing your Kubernetes workloads with Sigstore
However, no matter how well our applications are secured, the security of our …
actions applications articles continuous continuous delivery controller delivery devops devsecops end end-to-end github github actions grype infrastructure integrate kubernetes pipeline pipelines policy protection security sigstore tools