Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Secure the Pipeline - OWASP Poland Day 2018

93 views

Published on

Secure the Pipeline by Omer Levi Hevroni, October 2018
@omerlh
@solutoeng

Published in: Technology
  • Be the first to comment

Secure the Pipeline - OWASP Poland Day 2018

  1. 1. Secure the Pipeline Omer Levi Hevroni W a r s a w , 1 0 . 1 0 . 2 0 1 8 OWASP Poland Day 2018 @omerlh
  2. 2. @omerlh Wr i t i n g S e c u re C o d e i s H a rd
  3. 3. @omerlh A l l i s G o o d Yo u C a n P u b l i s h
  4. 4. I’m a builder @omerlh
  5. 5. DevSecOps @ @omerlh
  6. 6. I OWASP • Zap contributor • Proud member • Glue project leader @omerlh
  7. 7. @omerlh What Security Tests do we Need for Apps Running on Kubernetes?
  8. 8. O u r Te st C a s e https://github.com/omerlh/container-security-testing @omerlh • .NET Core • Containerized • Deployed on Kubernetes
  9. 9. @omerlh Wait, What About the Pipeline?
  10. 10. Wra p p i n g U p h t t p s : / / w p . m e / p a k m v i - 1 w @omerlhhttp://www.viralgoal.com/wrap-adorable-cat-blanket-named-purritos/ Test Type Tool Name Static Analysis Microsoft DevSkim Dynamy Analysis OWASP Zap Packages OWASP Dependency Track/Dotnet Retire Docker Anchore Engine/Clair Kubernetes KubeSec
  11. 11. Q u e st i o n s ? @omerlhhttp://www.applestory.biz/hermione-hand-raise-gif.html
  12. 12. @omerlh Feedback is much appreciated!
  13. 13. @omerlh Wr i t i n g S e c u re C o d e i s H a rd
  14. 14. @omerlh htt p s : / / w p . me / p a k mv i - 1 w
  15. 15. Thank You Omer Levi Hevroni @omerlh @SolutoEng

×