DevSecOps Tutorial - Building a Pipeline with GitHub Actions and Docker Scout
TechWorld with Nana via YouTube
Overview
Syllabus
- Intro and Course Overview
- Importance of Security
- Before DevSecOps: Security as Afterthought
- What is DevSecOps
- How DevSecOps works in Practice: DevSecOps Tools
- Shifting Security Left
- DevSecOps DEMO
- Demo Overview
- Workflow Templates
- Configure SAST Scan
- Analyze scan results
- Ignore Low Severity Issues
- Generate Scan Report
- Configure Image Scanning with Docker Scout
- Analyze scan results
- Reuse existing GitHub Action for Docker Scout
- Where to go from here
- Next Steps - Cloud and Kubernetes Security
Taught by
TechWorld with Nana