Overview
Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore cloud native security pipelines in this 39-minute conference talk from the OWASP Foundation. Delve into the evolution from traditional to cloud native CI/CD pipelines, emphasizing fundamental security principles. Learn about Spinnaker, knowledge acquisition through testing, and security challenges in container orchestration systems. Examine access control issues, AWS EKS insecure defaults, and potential problems with Helm and Tiller. Gain insights on building Jenkins X extensions and avoiding common pitfalls in cloud native security implementations.
Syllabus
Intro
Jack Mannino
The Traditional CI/CD Pipeline
Cloud Native CI/CD Pipeline
Old School vs. New School
Focus on Fundamentals First
Spinnaker
Gleaning Knowledge via Testing
Security Challenges & Opportunities
Failure is Everywhere
Container & Orchestration Systems
Access Control for Subjects
AWS EKS Insecure Defaults
Helm, Tiller, and Problems
Don't Do Dumb Stuff
Building Jenkins X Extensions
Taught by
OWASP Foundation