Checkov: Security & Compliance for Your Infrastructure-as-Code

FOLLOW & SUBSCRIBE TO DEVSLOP LinkedIn: https://www.linkedin.com/company/owasp-devslop/ Twitter: https://twitter.com/Owasp_DevSlop YouTube: https://www.youtube.com/c/OWASPDevSlop DEV.TO: https://dev.to/devslop Hosts: Nancy Gariche, Tanya Janca (@shehackspurple), Nicole Becher (@thedeadrobots) Infrastructure as code languages like Terraform and CloudFormation have emerged in recent years to more efficiently orchestrate and manage cloud infrastructure at scale. While they provide immense value to devops teams, they also introduce additional layers of complexity and risk of human error. Checkov is an open-source static code analysis tool for infrastructure-as-code. It scans cloud infrastructure managed in Terraform, Cloudformation or Kubernetes and detects misconfigurations. This workshop's learning objectives are to: 1- Provide attendees with a methodology to practice cloud infrastructure security in their organizations. 2- Share with the attendees our lessons learned from executing a cloud infrastructure security strategy in the field. 3- Provide hands-on experience working with Checkov - an open-source framework for implementing policy-as-code for public cloud infrastructure. Checkov Documentation: https://www.checkov.io/documentation Checkov on GitHub: https://github.com/bridgecrewio/checkov Slack channel: https://codified-security.herokuapp.com/ A workshop lead by Barak Schoster CTO & Co-founder, Bridgecrew https://www.checkov.io/ https://bridgecrew.io/ Barak can be found on social media here: https://twitter.com/BarakSchoster

Видео Checkov: Security & Compliance for Your Infrastructure-as-Code автора Python для начинающих: от идеи до реализации