You're reading from Learning DevOps A comprehensive guide to accelerating DevOps culture adoption with Terraform, Azure DevOps, Kubernetes, and Jenkins

Product type Paperback

Published in Mar 2022

Publisher Packt

ISBN-13 9781801818964

Length 560 pages

Edition 2nd Edition

Tools

Azure

Concepts

DevOps

Author (1):

Mikael Krief

View More author details

Table of Contents (25) Chapters

Preface

1. Section 1: DevOps and Infrastructure as Code

2. Chapter 1: The DevOps Culture and Infrastructure as Code Practices FREE CHAPTER

3. Chapter 2: Provisioning Cloud Infrastructure with Terraform

4. Chapter 3: Using Ansible for Configuring IaaS Infrastructure

5. Chapter 4: Optimizing Infrastructure Deployment with Packer

6. Chapter 5: Authoring the Development Environment with Vagrant

7. Section 2: DevOps CI/CD Pipeline

8. Chapter 6: Managing Your Source Code with Git

9. Chapter 7: Continuous Integration and Continuous Delivery

10. Chapter 8: Deploying Infrastructure as Code with CI/CD Pipelines

11. Section 3: Containerized Microservices with Docker and Kubernetes

12. Chapter 9: Containerizing Your Application with Docker

13. Chapter 10: Managing Containers Effectively with Kubernetes

14. Section 4: Testing Your Application

15. Chapter 11: Testing APIs with Postman

16. Chapter 12: Static Code Analysis with SonarQube

17. Chapter 13: Security and Performance Tests

18. Section 5: Taking DevOps Further/More on DevOps

19. Chapter 14: Security in the DevOps Process with DevSecOps

20. Chapter 15: Reducing Deployment Downtime

21. Chapter 16: DevOps for Open Source Projects

22. Chapter 17: DevOps Best Practices

23. Assessments

24. Other Books You May Enjoy

Detecting security vulnerabilities with WhiteSource Bolt

Due to their public visibility, open source projects or components are highly exposed to security vulnerabilities because it is easier to unintentionally inject a component (a package or one of its dependencies) containing a security vulnerability into them.

In addition to static source code analysis, it is also very important to continuously check the security of packages that are referenced or used in our open source projects.

Many tools are available that we can use to analyze the security of referenced packages in applications, such as SonaType AppScan (https://www.sonatype.com/appscan), Snyk (https://snyk.io/), and WhiteSource Bolt (https://bolt.whitesourcesoftware.com/).

Note

For more information on open source vulnerability scanning tools, take a look at the following article, which lists 13 tools that analyze the security of open source dependencies: https://techbeacon.com/app-dev-testing/13-tools-checking...

The rest of the chapter is locked

You're reading from Learning DevOps A comprehensive guide to accelerating DevOps culture adoption with Terraform, Azure DevOps, Kubernetes, and Jenkins

Table of Contents (25) Chapters

Detecting security vulnerabilities with WhiteSource Bolt

Authors (1)

Personalised recommendations for you

You're reading from Learning DevOps A comprehensive guide to accelerating DevOps culture adoption with Terraform, Azure DevOps, Kubernetes, and Jenkins

Table of Contents (25) Chapters

Detecting security vulnerabilities with WhiteSource Bolt

Unlock this book and the full library FREE for 7 days

Authors (1)

Personalised recommendations for you