all InfoSec news
Scanning and remediating vulnerabilities with Grype
DEV Community dev.to
Date: 2023-08-19
The source code for this lab exercise is available on GitHub.
Consider our typical DevSecOps CI/CD pipeline that triggers automated unit and integration testing, container image building, vulnerability scanning, image pushing and signing, all the way up to deploying to a properly secured production environment on every developer commit to a Git repository.
We've seen how to construct a complete DevOps CI/CD pipeline with GitHub Actions, how container image signing and verification can be achieved with …
automated cd pipeline code container containers developer devsecops environment exercise git github grype image integration lab microservices pipeline remediating vulnerabilities scanning security signing source code testing vulnerabilities vulnerability vulnerability scanning