
NeuVector Integration into AWS CodePipeline CI/CD workflow (osc24)
Chaos Computer Club - archive feed · Dominik Wombacher
June 28, 2024 · 38m 24s
Show Notes
NeuVector is an open source container security platform. Key strengths are vulnerability and runtime scanning. I demonstrate in this talk how you ensure that only container images without a detected vulnerability move to the next stage in your Pipeline. How you define the baseline of allowed activities of your application. And how you can block the deployment into production if an unexpected behavior at runtime was detected in your testing stage. I'll use AWS CodePipeline, AWS CodeDeploy and AWS CloudFormation. The procedure is applicable to other toolsets and Hybrid environments as well.
about this event: https://c3voc.de
Topics
osc24, 4584, 2024, Cloud, Containers, Virtualization