- Популярные видео
- Авто
- Видео-блоги
- ДТП, аварии
- Для маленьких
- Еда, напитки
- Животные
- Закон и право
- Знаменитости
- Игры
- Искусство
- Комедии
- Красота, мода
- Кулинария, рецепты
- Люди
- Мото
- Музыка
- Мультфильмы
- Наука, технологии
- Новости
- Образование
- Политика
- Праздники
- Приколы
- Природа
- Происшествия
- Путешествия
- Развлечения
- Ржач
- Семья
- Сериалы
- Спорт
- Стиль жизни
- ТВ передачи
- Танцы
- Технологии
- Товары
- Ужасы
- Фильмы
- Шоу-бизнес
- Юмор
JFrog Artifactory: DevSecOps, Binary Repository Management and Image Security
The discussion in this podcast provides a comprehensive security overview of JFrog Artifactory, a critical and foundational component acting as a universal binary repository manager within the software supply chain. It explains Artifactory's core architecture, including its server, database, and various repository types (local, remote, virtual), and emphasizes its indispensable role in DevOps and CI/CD pipelines. It highlights that the platform faces significant threats stemming from misconfigurations like anonymous access and public exposure, as well as the critical risk of leaked, broadly privileged tokens that can enable catastrophic supply chain attacks. Finally, it details a strategic set of mitigation and best practices, focusing on layered defense, network isolation, the use of JFrog Xray for continuous scanning, and adopting fine-grained, least-privilege access controls to secure this high-value target.
Видео JFrog Artifactory: DevSecOps, Binary Repository Management and Image Security канала Hello InfoSec
Видео JFrog Artifactory: DevSecOps, Binary Repository Management and Image Security канала Hello InfoSec
Комментарии отсутствуют
Информация о видео
3 октября 2025 г. 1:20:26
00:37:13
Другие видео канала
CISSP Domain-4: Communication and Network Security
Quantum Supremacy: Reshaping the Future
Risk Assessment in Cyber Security
MITRE ATT&CK Matrices: Decoding a Cyberattack's Playbook
Virtualisation and VDI: Architecture, Security, Exploitation, and Resilience
Advanced Persistant Threat(APT): Who are they? What do they want?
AES Encryption: The Unbreakable Lock
The Quantum Internet: A Hybrid Frontier
NIST Cybersecurity Framework: A Guide to Digital Resilience
Cloud Data Governance: Life Cycle, Global Regulations, and Compliance Frameworks
OWASP API Security Top-10(2023): Essential Deep Dive
OWASP Top 10 API Security
Vulnerability Management: Understanding CVE, CVSS, and NVD
Trusted Platform Module(TPM): Invisible Hardware Guardian Against Cyber Threats
Microservices Unpacked: Architecture, Principles, Security, and Strategic Implications
Google Chrome: The Fortress
MFA Fatigue and Social Engineering Cyber Incidents
Secure Hash Algorithm (SHA): Foundations, Evolution, Applications, and Post-Quantum Resilience
OAIC vs Australian Clinical Labs: Establishment of Australia's Privacy Enforcement Benchmark
AES Encryption Explained: Your invisible online guardian!
CISSP Domain-1: Security, Risk, and Compliance Management
