SlideShare a Scribd company logo
Snyk.io
Building security into your pipelines
Matt Jarvis | Senior Developer Advocate | matt.jarvis@snyk.io
Continuous Security
1
Snyk.io
● Matt Jarvis
○ Senior Developer Advocate @ Snyk
● Building stuff with open source for ~20 years
● Ops, Dev, DevOps and now Security
$whoami
@mattj_io
mattj-io
mattjarvis.org.uk
What is an application?
Networking
Virtual Machines
Your application
Pre-Cloud era
Developers wrote the application
IT Operations had the rest of the stack
Security was a step in the process
Virtual Infrastructure
Physical Hardware
What is an application?
Networking
Virtual Machines
Your application
Pre-Cloud era
Developers wrote the application
IT Operations had the rest of the stack
Security was a step in the process
Cloud Era
Developers write the code
and deploy, network and provision
This is now your application
So where does security fit?
Virtual Infrastructure
Physical Hardware Cloud Infrastructure
Terraform
Kubernetes
Your application
Container Image
Shifting security
Your application code
Are my open source dependencies up to date? Do I
have any vulnerabilities?
Cloud Infrastructure
Terraform
Kubernetes
Your application
Container Image
Deploying your code
Have I configured my containers correctly? Do I need
a root user? What is this load balancer?
Provision your infrastructure
Is my blobstore readable by the world? Have I setup
my permissions appropriately?
Snyk.io
Your App
Snyk.io
Your App
Your Code
Snyk.io
source: https://snyk.io/opensourcesecurity-2019
Snyk.io
source: https://snyk.io/opensourcesecurity-2019
Snyk.io
Jan 2015
rimrafall
Jan 2017
crossenv
May 2018
getcookies
Jul 2018
eslint-scope
Nov 2018
event-stream
Snyk.io
May 2018
getcookies
Parse HTTP headers for cookie data
Snyk.io
May 2018
getcookies
Parse HTTP headers for cookie data
or does it...?
Snyk.io
Snyk.io
getcookies
express-cookies
http-fetch-cookies
Snyk.io
getcookies
express-cookies
http-fetch-cookies
mailparser 440,000 downloads/month
Developer
owned
68%
Developers own
the security of container images
Snyk.io
source: https://snyk.io/opensourcesecurity-2019
Snyk.io
source: https://snyk.io/opensourcesecurity-2019
Snyk.io
source: https://snyk.io/opensourcesecurity-2019
Snyk.io
44%
of docker image vulnerabilities can
be fixed with newer base images
Snyk.io
20%
of docker image vulnerabilities can
be fixed just by rebuilding them
Configuration is increasingly in code
Configuration is everywhere
Azure ARM
250k+
Terraform
200k+
Kubernetes
2m+
AWS CF
90k+
Serverless
40k+
Compose
600k+
Sense of scale of infrastructure as code in public repositories on GitHub
Security misconfiguration is the
most commonly seen issue.
This is commonly a result of
insecure default configurations,
incomplete or ad hoc
configurations, open cloud
storage...
“
“
Configuration is a security risk
https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration
CI/CD
Git repository
Traditional/PaaS
Serverless
Production
Container Security Spectrum
Securing development and operations
Registry
deploy
Security
gate
Code
Test & fix Test, fix,
monitor
build
Kubernetes
Monitor & fix
submit
Test, fix,
monitor
Developer First ...
Integrated workflows - IDE, CLI
$ snyk container test garethr/snyky --file=Dockerfile
Testing garethr/snyky...
✗ High severity vulnerability found in libpng
Description: Out-of-Bounds
Info: https://snyk.io/vuln/SNYK-LINUX-LIBPNG-172022
Introduced through: libpng@1.6.34-r1, freetype@2.9.1-r1,
openjdk8-jre@8.191.12-r0
From: libpng@1.6.34-r1
From: freetype@2.9.1-r1 > libpng@1.6.34-r1
From: openjdk8-jre@8.191.12-r0 > libpng@1.6.34-r1
Fixed in: 1.6.37-r0
✗ High severity vulnerability found in git
Description: Untrusted Search Path
Info: https://snyk.io/vuln/SNYK-LINUX-GIT-175991
Introduced through: git@2.18.1-r0
From: git@2.18.1-r0
Fixed in: 2.18.1-r1
Remediation guidance to minimize exposure
and reduce time-to-fix
Get straight to the Dockerfile
instructions that introduce
vulnerabilities
Follow base image recommendations
to reduce your total vulnerability
exposure
● 2 factor authentication
● Strong key management practices
● Update git
● Beware of exposing private data
● Strong review processes
Make sure our repos are secure !
Pull request scanning and repository monitoring
Automated remediation
Scan new code
Scan images in registries ...
CI Pipelines
The Snyk Kubernetes controller scans your workloads
for vulnerable images. Then detects insecure
configurations that makes those vulnerabilities easier
for an attacker to exploit.
Prioritise vulnerabilities based on
production configuration
H
A remotely exploitable Java vulnerability. Deployed to production, not just
development. Running in a Kubernetes pod which is running as root and doesn’t
drop capabilities. Connected to a service with a public IP address.
+ =
Protect your application
After the initial scan
Containers shift
ownership of code +
runtime
environment to
developers
Developers aren’t
security experts -
they need support
and tools that
empower them
More software +
faster release
cycles leads to
more software risk
It is critical for developers to secure containers
from the start
Local CI/CD Registry Production
$ snyk test --docker garethr/snyky
Testing garethr/snyky...
✗ Low severity vulnerability found in git
Description: CVE-2018-19486
Info: https://snyk.io/vuln/SNYK-LINUX-GIT-175991
Introduced through: git@2.18.1-r0
From: git@2.18.1-r0
Introduced by your base image (release)
Fixed in: 2.18.1-r1
Organisation: garethr
Package manager: apk
Git
Detect vulnerabilities
Throughout the software supply chain
Snyk.io
Thanks For Listening !
35

More Related Content

What's hot

Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3
Velocidex Enterprises
 
Securing the Software Supply Chain with TUF and Docker - Justin Cappos and Sa...
Securing the Software Supply Chain with TUF and Docker - Justin Cappos and Sa...Securing the Software Supply Chain with TUF and Docker - Justin Cappos and Sa...
Securing the Software Supply Chain with TUF and Docker - Justin Cappos and Sa...
Docker, Inc.
 
Crikeycon 2019 Velociraptor Workshop
Crikeycon 2019 Velociraptor WorkshopCrikeycon 2019 Velociraptor Workshop
Crikeycon 2019 Velociraptor Workshop
Velocidex Enterprises
 
IstioD - From Microservices to Monolithic
IstioD - From Microservices to MonolithicIstioD - From Microservices to Monolithic
IstioD - From Microservices to Monolithic
All Things Open
 
Hyperledger community update 201805
Hyperledger community update 201805Hyperledger community update 201805
Hyperledger community update 201805
Arnaud Le Hors
 
Technical introduction to Hyperledger's Fabric
Technical introduction to Hyperledger's FabricTechnical introduction to Hyperledger's Fabric
Technical introduction to Hyperledger's Fabric
Altoros
 
RootStack - Devfactory
RootStack - DevfactoryRootStack - Devfactory
RootStack - Devfactory
Kangaroot
 
Secure GitOps pipelines for Kubernetes with Snyk & Weaveworks
Secure GitOps pipelines for Kubernetes with Snyk & WeaveworksSecure GitOps pipelines for Kubernetes with Snyk & Weaveworks
Secure GitOps pipelines for Kubernetes with Snyk & Weaveworks
Weaveworks
 
Cloud native policy enforcement with Open Policy Agent
Cloud native policy enforcement with Open Policy AgentCloud native policy enforcement with Open Policy Agent
Cloud native policy enforcement with Open Policy Agent
LibbySchulze
 
FIWARE Wednesday Webinars - Short Term History within Smart Systems
FIWARE Wednesday Webinars - Short Term History within Smart SystemsFIWARE Wednesday Webinars - Short Term History within Smart Systems
FIWARE Wednesday Webinars - Short Term History within Smart Systems
FIWARE
 
Help , My Datacenter is on fire
Help , My Datacenter is on fireHelp , My Datacenter is on fire
Help , My Datacenter is on fire
Kris Buytaert
 
Hyperledger community update Feb 20, 2018
Hyperledger community update Feb 20, 2018Hyperledger community update Feb 20, 2018
Hyperledger community update Feb 20, 2018
Arnaud Le Hors
 
Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...
Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...
Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...
DevOps.com
 
Containers in depth – Understanding how containers work to better work with c...
Containers in depth – Understanding how containers work to better work with c...Containers in depth – Understanding how containers work to better work with c...
Containers in depth – Understanding how containers work to better work with c...
All Things Open
 
OSMC 2018 | Tailored SNMP monitoring – Your own SNMP MIB and sub-agent with P...
OSMC 2018 | Tailored SNMP monitoring – Your own SNMP MIB and sub-agent with P...OSMC 2018 | Tailored SNMP monitoring – Your own SNMP MIB and sub-agent with P...
OSMC 2018 | Tailored SNMP monitoring – Your own SNMP MIB and sub-agent with P...
NETWAYS
 
C++ Webinar "Why Should You Learn C++ in 2021-22?"
C++ Webinar "Why Should You Learn C++ in 2021-22?"C++ Webinar "Why Should You Learn C++ in 2021-22?"
C++ Webinar "Why Should You Learn C++ in 2021-22?"
GlobalLogic Ukraine
 
How to 2FA-enable Open Source Applications
How to 2FA-enable Open Source ApplicationsHow to 2FA-enable Open Source Applications
How to 2FA-enable Open Source Applications
All Things Open
 
Enhance Your Kubernetes CI/CD Pipelines With GitLab & Open Source
Enhance Your Kubernetes CI/CD Pipelines With GitLab & Open SourceEnhance Your Kubernetes CI/CD Pipelines With GitLab & Open Source
Enhance Your Kubernetes CI/CD Pipelines With GitLab & Open Source
Nico Meisenzahl
 
OSMC 2018 | Current State of Icinga by Bernd Erk
OSMC 2018 | Current State of Icinga by Bernd ErkOSMC 2018 | Current State of Icinga by Bernd Erk
OSMC 2018 | Current State of Icinga by Bernd Erk
NETWAYS
 
Hyperledger Cello Feb 20, 2018
Hyperledger Cello Feb 20, 2018Hyperledger Cello Feb 20, 2018
Hyperledger Cello Feb 20, 2018
Arnaud Le Hors
 

What's hot (20)

Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3
 
Securing the Software Supply Chain with TUF and Docker - Justin Cappos and Sa...
Securing the Software Supply Chain with TUF and Docker - Justin Cappos and Sa...Securing the Software Supply Chain with TUF and Docker - Justin Cappos and Sa...
Securing the Software Supply Chain with TUF and Docker - Justin Cappos and Sa...
 
Crikeycon 2019 Velociraptor Workshop
Crikeycon 2019 Velociraptor WorkshopCrikeycon 2019 Velociraptor Workshop
Crikeycon 2019 Velociraptor Workshop
 
IstioD - From Microservices to Monolithic
IstioD - From Microservices to MonolithicIstioD - From Microservices to Monolithic
IstioD - From Microservices to Monolithic
 
Hyperledger community update 201805
Hyperledger community update 201805Hyperledger community update 201805
Hyperledger community update 201805
 
Technical introduction to Hyperledger's Fabric
Technical introduction to Hyperledger's FabricTechnical introduction to Hyperledger's Fabric
Technical introduction to Hyperledger's Fabric
 
RootStack - Devfactory
RootStack - DevfactoryRootStack - Devfactory
RootStack - Devfactory
 
Secure GitOps pipelines for Kubernetes with Snyk & Weaveworks
Secure GitOps pipelines for Kubernetes with Snyk & WeaveworksSecure GitOps pipelines for Kubernetes with Snyk & Weaveworks
Secure GitOps pipelines for Kubernetes with Snyk & Weaveworks
 
Cloud native policy enforcement with Open Policy Agent
Cloud native policy enforcement with Open Policy AgentCloud native policy enforcement with Open Policy Agent
Cloud native policy enforcement with Open Policy Agent
 
FIWARE Wednesday Webinars - Short Term History within Smart Systems
FIWARE Wednesday Webinars - Short Term History within Smart SystemsFIWARE Wednesday Webinars - Short Term History within Smart Systems
FIWARE Wednesday Webinars - Short Term History within Smart Systems
 
Help , My Datacenter is on fire
Help , My Datacenter is on fireHelp , My Datacenter is on fire
Help , My Datacenter is on fire
 
Hyperledger community update Feb 20, 2018
Hyperledger community update Feb 20, 2018Hyperledger community update Feb 20, 2018
Hyperledger community update Feb 20, 2018
 
Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...
Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...
Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...
 
Containers in depth – Understanding how containers work to better work with c...
Containers in depth – Understanding how containers work to better work with c...Containers in depth – Understanding how containers work to better work with c...
Containers in depth – Understanding how containers work to better work with c...
 
OSMC 2018 | Tailored SNMP monitoring – Your own SNMP MIB and sub-agent with P...
OSMC 2018 | Tailored SNMP monitoring – Your own SNMP MIB and sub-agent with P...OSMC 2018 | Tailored SNMP monitoring – Your own SNMP MIB and sub-agent with P...
OSMC 2018 | Tailored SNMP monitoring – Your own SNMP MIB and sub-agent with P...
 
C++ Webinar "Why Should You Learn C++ in 2021-22?"
C++ Webinar "Why Should You Learn C++ in 2021-22?"C++ Webinar "Why Should You Learn C++ in 2021-22?"
C++ Webinar "Why Should You Learn C++ in 2021-22?"
 
How to 2FA-enable Open Source Applications
How to 2FA-enable Open Source ApplicationsHow to 2FA-enable Open Source Applications
How to 2FA-enable Open Source Applications
 
Enhance Your Kubernetes CI/CD Pipelines With GitLab & Open Source
Enhance Your Kubernetes CI/CD Pipelines With GitLab & Open SourceEnhance Your Kubernetes CI/CD Pipelines With GitLab & Open Source
Enhance Your Kubernetes CI/CD Pipelines With GitLab & Open Source
 
OSMC 2018 | Current State of Icinga by Bernd Erk
OSMC 2018 | Current State of Icinga by Bernd ErkOSMC 2018 | Current State of Icinga by Bernd Erk
OSMC 2018 | Current State of Icinga by Bernd Erk
 
Hyperledger Cello Feb 20, 2018
Hyperledger Cello Feb 20, 2018Hyperledger Cello Feb 20, 2018
Hyperledger Cello Feb 20, 2018
 

Similar to stackconf 2021 | Continuous Security – integrating security into your pipelines

Stranger Danger: Your Java Attack Surface Just Got Bigger | JBCNConf 2022
Stranger Danger: Your Java Attack Surface Just Got Bigger | JBCNConf 2022Stranger Danger: Your Java Attack Surface Just Got Bigger | JBCNConf 2022
Stranger Danger: Your Java Attack Surface Just Got Bigger | JBCNConf 2022
Brian Vermeer
 
Hardening Your CI/CD Pipelines with GitOps and Continuous Security
Hardening Your CI/CD Pipelines with GitOps and Continuous SecurityHardening Your CI/CD Pipelines with GitOps and Continuous Security
Hardening Your CI/CD Pipelines with GitOps and Continuous Security
Weaveworks
 
Snyk Intro - Developer Security Essentials 2022
Snyk Intro - Developer Security Essentials 2022Snyk Intro - Developer Security Essentials 2022
Snyk Intro - Developer Security Essentials 2022
Liran Tal
 
Pragmatic Pipeline Security
Pragmatic Pipeline SecurityPragmatic Pipeline Security
Pragmatic Pipeline Security
James Wickett
 
AWS live hack: Docker + Snyk Container on AWS
AWS live hack: Docker + Snyk Container on AWSAWS live hack: Docker + Snyk Container on AWS
AWS live hack: Docker + Snyk Container on AWS
Eric Smalling
 
CodeMotion 2023 - Deep dive nella supply chain della nostra infrastruttura cl...
CodeMotion 2023 - Deep dive nella supply chain della nostra infrastruttura cl...CodeMotion 2023 - Deep dive nella supply chain della nostra infrastruttura cl...
CodeMotion 2023 - Deep dive nella supply chain della nostra infrastruttura cl...
sparkfabrik
 
Alexey Kupriyanenko "Release Early, Often, Stable"
Alexey Kupriyanenko "Release Early, Often, Stable"Alexey Kupriyanenko "Release Early, Often, Stable"
Alexey Kupriyanenko "Release Early, Often, Stable"
Fwdays
 
Here Be Dragons: Security Maps of the Container New World
Here Be Dragons: Security Maps of the Container New WorldHere Be Dragons: Security Maps of the Container New World
Here Be Dragons: Security Maps of the Container New World
C4Media
 
EuroPython 2019: Modern Continuous Delivery for Python Developers
EuroPython 2019: Modern Continuous Delivery for Python DevelopersEuroPython 2019: Modern Continuous Delivery for Python Developers
EuroPython 2019: Modern Continuous Delivery for Python Developers
Peter Bittner
 
Binary Authorization in Kubernetes
Binary Authorization in KubernetesBinary Authorization in Kubernetes
Binary Authorization in Kubernetes
Aysylu Greenberg
 
IoTWorld 2016 OSS Keynote Param Singh, Ian Skerrett
IoTWorld 2016 OSS Keynote Param Singh, Ian SkerrettIoTWorld 2016 OSS Keynote Param Singh, Ian Skerrett
IoTWorld 2016 OSS Keynote Param Singh, Ian Skerrett
Param Singh
 
AWS live hack: Atlassian + Snyk OSS on AWS
AWS live hack: Atlassian + Snyk OSS on AWSAWS live hack: Atlassian + Snyk OSS on AWS
AWS live hack: Atlassian + Snyk OSS on AWS
Eric Smalling
 
Embacing service-level-objectives of your microservices in your Cl/CD
Embacing service-level-objectives of your microservices in your Cl/CDEmbacing service-level-objectives of your microservices in your Cl/CD
Embacing service-level-objectives of your microservices in your Cl/CD
Nebulaworks
 
DevSecCon Boston 2018: Building a practical DevSecOps pipeline for free by Je...
DevSecCon Boston 2018: Building a practical DevSecOps pipeline for free by Je...DevSecCon Boston 2018: Building a practical DevSecOps pipeline for free by Je...
DevSecCon Boston 2018: Building a practical DevSecOps pipeline for free by Je...
DevSecCon
 
Next Generation Vulnerability Assessment Using Datadog and Snyk
Next Generation Vulnerability Assessment Using Datadog and SnykNext Generation Vulnerability Assessment Using Datadog and Snyk
Next Generation Vulnerability Assessment Using Datadog and Snyk
DevOps.com
 
Prepare to defend thyself with Blue/Green
Prepare to defend thyself with Blue/GreenPrepare to defend thyself with Blue/Green
Prepare to defend thyself with Blue/Green
Sonatype
 
All Day DevOps 2016 Fabian - Defending Thyself with Blue Green
All Day DevOps 2016 Fabian - Defending Thyself with Blue GreenAll Day DevOps 2016 Fabian - Defending Thyself with Blue Green
All Day DevOps 2016 Fabian - Defending Thyself with Blue Green
Fab L
 
Continuous (Non-)Functional Testing of Microservices on K8s
Continuous (Non-)Functional Testing of Microservices on K8sContinuous (Non-)Functional Testing of Microservices on K8s
Continuous (Non-)Functional Testing of Microservices on K8s
QAware GmbH
 
Network Security Open Source Software Developer Certification
Network Security Open Source Software Developer CertificationNetwork Security Open Source Software Developer Certification
Network Security Open Source Software Developer Certification
Vskills
 
Cncf checkov and bridgecrew
Cncf checkov and bridgecrewCncf checkov and bridgecrew
Cncf checkov and bridgecrew
LibbySchulze
 

Similar to stackconf 2021 | Continuous Security – integrating security into your pipelines (20)

Stranger Danger: Your Java Attack Surface Just Got Bigger | JBCNConf 2022
Stranger Danger: Your Java Attack Surface Just Got Bigger | JBCNConf 2022Stranger Danger: Your Java Attack Surface Just Got Bigger | JBCNConf 2022
Stranger Danger: Your Java Attack Surface Just Got Bigger | JBCNConf 2022
 
Hardening Your CI/CD Pipelines with GitOps and Continuous Security
Hardening Your CI/CD Pipelines with GitOps and Continuous SecurityHardening Your CI/CD Pipelines with GitOps and Continuous Security
Hardening Your CI/CD Pipelines with GitOps and Continuous Security
 
Snyk Intro - Developer Security Essentials 2022
Snyk Intro - Developer Security Essentials 2022Snyk Intro - Developer Security Essentials 2022
Snyk Intro - Developer Security Essentials 2022
 
Pragmatic Pipeline Security
Pragmatic Pipeline SecurityPragmatic Pipeline Security
Pragmatic Pipeline Security
 
AWS live hack: Docker + Snyk Container on AWS
AWS live hack: Docker + Snyk Container on AWSAWS live hack: Docker + Snyk Container on AWS
AWS live hack: Docker + Snyk Container on AWS
 
CodeMotion 2023 - Deep dive nella supply chain della nostra infrastruttura cl...
CodeMotion 2023 - Deep dive nella supply chain della nostra infrastruttura cl...CodeMotion 2023 - Deep dive nella supply chain della nostra infrastruttura cl...
CodeMotion 2023 - Deep dive nella supply chain della nostra infrastruttura cl...
 
Alexey Kupriyanenko "Release Early, Often, Stable"
Alexey Kupriyanenko "Release Early, Often, Stable"Alexey Kupriyanenko "Release Early, Often, Stable"
Alexey Kupriyanenko "Release Early, Often, Stable"
 
Here Be Dragons: Security Maps of the Container New World
Here Be Dragons: Security Maps of the Container New WorldHere Be Dragons: Security Maps of the Container New World
Here Be Dragons: Security Maps of the Container New World
 
EuroPython 2019: Modern Continuous Delivery for Python Developers
EuroPython 2019: Modern Continuous Delivery for Python DevelopersEuroPython 2019: Modern Continuous Delivery for Python Developers
EuroPython 2019: Modern Continuous Delivery for Python Developers
 
Binary Authorization in Kubernetes
Binary Authorization in KubernetesBinary Authorization in Kubernetes
Binary Authorization in Kubernetes
 
IoTWorld 2016 OSS Keynote Param Singh, Ian Skerrett
IoTWorld 2016 OSS Keynote Param Singh, Ian SkerrettIoTWorld 2016 OSS Keynote Param Singh, Ian Skerrett
IoTWorld 2016 OSS Keynote Param Singh, Ian Skerrett
 
AWS live hack: Atlassian + Snyk OSS on AWS
AWS live hack: Atlassian + Snyk OSS on AWSAWS live hack: Atlassian + Snyk OSS on AWS
AWS live hack: Atlassian + Snyk OSS on AWS
 
Embacing service-level-objectives of your microservices in your Cl/CD
Embacing service-level-objectives of your microservices in your Cl/CDEmbacing service-level-objectives of your microservices in your Cl/CD
Embacing service-level-objectives of your microservices in your Cl/CD
 
DevSecCon Boston 2018: Building a practical DevSecOps pipeline for free by Je...
DevSecCon Boston 2018: Building a practical DevSecOps pipeline for free by Je...DevSecCon Boston 2018: Building a practical DevSecOps pipeline for free by Je...
DevSecCon Boston 2018: Building a practical DevSecOps pipeline for free by Je...
 
Next Generation Vulnerability Assessment Using Datadog and Snyk
Next Generation Vulnerability Assessment Using Datadog and SnykNext Generation Vulnerability Assessment Using Datadog and Snyk
Next Generation Vulnerability Assessment Using Datadog and Snyk
 
Prepare to defend thyself with Blue/Green
Prepare to defend thyself with Blue/GreenPrepare to defend thyself with Blue/Green
Prepare to defend thyself with Blue/Green
 
All Day DevOps 2016 Fabian - Defending Thyself with Blue Green
All Day DevOps 2016 Fabian - Defending Thyself with Blue GreenAll Day DevOps 2016 Fabian - Defending Thyself with Blue Green
All Day DevOps 2016 Fabian - Defending Thyself with Blue Green
 
Continuous (Non-)Functional Testing of Microservices on K8s
Continuous (Non-)Functional Testing of Microservices on K8sContinuous (Non-)Functional Testing of Microservices on K8s
Continuous (Non-)Functional Testing of Microservices on K8s
 
Network Security Open Source Software Developer Certification
Network Security Open Source Software Developer CertificationNetwork Security Open Source Software Developer Certification
Network Security Open Source Software Developer Certification
 
Cncf checkov and bridgecrew
Cncf checkov and bridgecrewCncf checkov and bridgecrew
Cncf checkov and bridgecrew
 

Recently uploaded

Baha Majid WCA4Z IBM Z Customer Council Boston June 2024.pdf
Baha Majid WCA4Z IBM Z Customer Council Boston June 2024.pdfBaha Majid WCA4Z IBM Z Customer Council Boston June 2024.pdf
Baha Majid WCA4Z IBM Z Customer Council Boston June 2024.pdf
Baha Majid
 
Oracle 23c New Features For DBAs and Developers.pptx
Oracle 23c New Features For DBAs and Developers.pptxOracle 23c New Features For DBAs and Developers.pptx
Oracle 23c New Features For DBAs and Developers.pptx
Remote DBA Services
 
Unveiling the Advantages of Agile Software Development.pdf
Unveiling the Advantages of Agile Software Development.pdfUnveiling the Advantages of Agile Software Development.pdf
Unveiling the Advantages of Agile Software Development.pdf
brainerhub1
 
What’s New in Odoo 17 – A Complete Roadmap
What’s New in Odoo 17 – A Complete RoadmapWhat’s New in Odoo 17 – A Complete Roadmap
What’s New in Odoo 17 – A Complete Roadmap
Envertis Software Solutions
 
如何办理(hull学位证书)英国赫尔大学毕业证硕士文凭原版一模一样
如何办理(hull学位证书)英国赫尔大学毕业证硕士文凭原版一模一样如何办理(hull学位证书)英国赫尔大学毕业证硕士文凭原版一模一样
如何办理(hull学位证书)英国赫尔大学毕业证硕士文凭原版一模一样
gapen1
 
Microservice Teams - How the cloud changes the way we work
Microservice Teams - How the cloud changes the way we workMicroservice Teams - How the cloud changes the way we work
Microservice Teams - How the cloud changes the way we work
Sven Peters
 
Modelling Up - DDDEurope 2024 - Amsterdam
Modelling Up - DDDEurope 2024 - AmsterdamModelling Up - DDDEurope 2024 - Amsterdam
Modelling Up - DDDEurope 2024 - Amsterdam
Alberto Brandolini
 
ppt on the brain chip neuralink.pptx
ppt  on   the brain  chip neuralink.pptxppt  on   the brain  chip neuralink.pptx
ppt on the brain chip neuralink.pptx
Reetu63
 
14 th Edition of International conference on computer vision
14 th Edition of International conference on computer vision14 th Edition of International conference on computer vision
14 th Edition of International conference on computer vision
ShulagnaSarkar2
 
Enhanced Screen Flows UI/UX using SLDS with Tom Kitt
Enhanced Screen Flows UI/UX using SLDS with Tom KittEnhanced Screen Flows UI/UX using SLDS with Tom Kitt
Enhanced Screen Flows UI/UX using SLDS with Tom Kitt
Peter Caitens
 
INTRODUCTION TO AI CLASSICAL THEORY TARGETED EXAMPLES
INTRODUCTION TO AI CLASSICAL THEORY TARGETED EXAMPLESINTRODUCTION TO AI CLASSICAL THEORY TARGETED EXAMPLES
INTRODUCTION TO AI CLASSICAL THEORY TARGETED EXAMPLES
anfaltahir1010
 
8 Best Automated Android App Testing Tool and Framework in 2024.pdf
8 Best Automated Android App Testing Tool and Framework in 2024.pdf8 Best Automated Android App Testing Tool and Framework in 2024.pdf
8 Best Automated Android App Testing Tool and Framework in 2024.pdf
kalichargn70th171
 
一比一原版(UMN毕业证)明尼苏达大学毕业证如何办理
一比一原版(UMN毕业证)明尼苏达大学毕业证如何办理一比一原版(UMN毕业证)明尼苏达大学毕业证如何办理
一比一原版(UMN毕业证)明尼苏达大学毕业证如何办理
dakas1
 
ALGIT - Assembly Line for Green IT - Numbers, Data, Facts
ALGIT - Assembly Line for Green IT - Numbers, Data, FactsALGIT - Assembly Line for Green IT - Numbers, Data, Facts
ALGIT - Assembly Line for Green IT - Numbers, Data, Facts
Green Software Development
 
GreenCode-A-VSCode-Plugin--Dario-Jurisic
GreenCode-A-VSCode-Plugin--Dario-JurisicGreenCode-A-VSCode-Plugin--Dario-Jurisic
GreenCode-A-VSCode-Plugin--Dario-Jurisic
Green Software Development
 
Measures in SQL (SIGMOD 2024, Santiago, Chile)
Measures in SQL (SIGMOD 2024, Santiago, Chile)Measures in SQL (SIGMOD 2024, Santiago, Chile)
Measures in SQL (SIGMOD 2024, Santiago, Chile)
Julian Hyde
 
J-Spring 2024 - Going serverless with Quarkus, GraalVM native images and AWS ...
J-Spring 2024 - Going serverless with Quarkus, GraalVM native images and AWS ...J-Spring 2024 - Going serverless with Quarkus, GraalVM native images and AWS ...
J-Spring 2024 - Going serverless with Quarkus, GraalVM native images and AWS ...
Bert Jan Schrijver
 
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CDKuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
rodomar2
 
Unlock the Secrets to Effortless Video Creation with Invideo: Your Ultimate G...
Unlock the Secrets to Effortless Video Creation with Invideo: Your Ultimate G...Unlock the Secrets to Effortless Video Creation with Invideo: Your Ultimate G...
Unlock the Secrets to Effortless Video Creation with Invideo: Your Ultimate G...
The Third Creative Media
 
Energy consumption of Database Management - Florina Jonuzi
Energy consumption of Database Management - Florina JonuziEnergy consumption of Database Management - Florina Jonuzi
Energy consumption of Database Management - Florina Jonuzi
Green Software Development
 

Recently uploaded (20)

Baha Majid WCA4Z IBM Z Customer Council Boston June 2024.pdf
Baha Majid WCA4Z IBM Z Customer Council Boston June 2024.pdfBaha Majid WCA4Z IBM Z Customer Council Boston June 2024.pdf
Baha Majid WCA4Z IBM Z Customer Council Boston June 2024.pdf
 
Oracle 23c New Features For DBAs and Developers.pptx
Oracle 23c New Features For DBAs and Developers.pptxOracle 23c New Features For DBAs and Developers.pptx
Oracle 23c New Features For DBAs and Developers.pptx
 
Unveiling the Advantages of Agile Software Development.pdf
Unveiling the Advantages of Agile Software Development.pdfUnveiling the Advantages of Agile Software Development.pdf
Unveiling the Advantages of Agile Software Development.pdf
 
What’s New in Odoo 17 – A Complete Roadmap
What’s New in Odoo 17 – A Complete RoadmapWhat’s New in Odoo 17 – A Complete Roadmap
What’s New in Odoo 17 – A Complete Roadmap
 
如何办理(hull学位证书)英国赫尔大学毕业证硕士文凭原版一模一样
如何办理(hull学位证书)英国赫尔大学毕业证硕士文凭原版一模一样如何办理(hull学位证书)英国赫尔大学毕业证硕士文凭原版一模一样
如何办理(hull学位证书)英国赫尔大学毕业证硕士文凭原版一模一样
 
Microservice Teams - How the cloud changes the way we work
Microservice Teams - How the cloud changes the way we workMicroservice Teams - How the cloud changes the way we work
Microservice Teams - How the cloud changes the way we work
 
Modelling Up - DDDEurope 2024 - Amsterdam
Modelling Up - DDDEurope 2024 - AmsterdamModelling Up - DDDEurope 2024 - Amsterdam
Modelling Up - DDDEurope 2024 - Amsterdam
 
ppt on the brain chip neuralink.pptx
ppt  on   the brain  chip neuralink.pptxppt  on   the brain  chip neuralink.pptx
ppt on the brain chip neuralink.pptx
 
14 th Edition of International conference on computer vision
14 th Edition of International conference on computer vision14 th Edition of International conference on computer vision
14 th Edition of International conference on computer vision
 
Enhanced Screen Flows UI/UX using SLDS with Tom Kitt
Enhanced Screen Flows UI/UX using SLDS with Tom KittEnhanced Screen Flows UI/UX using SLDS with Tom Kitt
Enhanced Screen Flows UI/UX using SLDS with Tom Kitt
 
INTRODUCTION TO AI CLASSICAL THEORY TARGETED EXAMPLES
INTRODUCTION TO AI CLASSICAL THEORY TARGETED EXAMPLESINTRODUCTION TO AI CLASSICAL THEORY TARGETED EXAMPLES
INTRODUCTION TO AI CLASSICAL THEORY TARGETED EXAMPLES
 
8 Best Automated Android App Testing Tool and Framework in 2024.pdf
8 Best Automated Android App Testing Tool and Framework in 2024.pdf8 Best Automated Android App Testing Tool and Framework in 2024.pdf
8 Best Automated Android App Testing Tool and Framework in 2024.pdf
 
一比一原版(UMN毕业证)明尼苏达大学毕业证如何办理
一比一原版(UMN毕业证)明尼苏达大学毕业证如何办理一比一原版(UMN毕业证)明尼苏达大学毕业证如何办理
一比一原版(UMN毕业证)明尼苏达大学毕业证如何办理
 
ALGIT - Assembly Line for Green IT - Numbers, Data, Facts
ALGIT - Assembly Line for Green IT - Numbers, Data, FactsALGIT - Assembly Line for Green IT - Numbers, Data, Facts
ALGIT - Assembly Line for Green IT - Numbers, Data, Facts
 
GreenCode-A-VSCode-Plugin--Dario-Jurisic
GreenCode-A-VSCode-Plugin--Dario-JurisicGreenCode-A-VSCode-Plugin--Dario-Jurisic
GreenCode-A-VSCode-Plugin--Dario-Jurisic
 
Measures in SQL (SIGMOD 2024, Santiago, Chile)
Measures in SQL (SIGMOD 2024, Santiago, Chile)Measures in SQL (SIGMOD 2024, Santiago, Chile)
Measures in SQL (SIGMOD 2024, Santiago, Chile)
 
J-Spring 2024 - Going serverless with Quarkus, GraalVM native images and AWS ...
J-Spring 2024 - Going serverless with Quarkus, GraalVM native images and AWS ...J-Spring 2024 - Going serverless with Quarkus, GraalVM native images and AWS ...
J-Spring 2024 - Going serverless with Quarkus, GraalVM native images and AWS ...
 
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CDKuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
 
Unlock the Secrets to Effortless Video Creation with Invideo: Your Ultimate G...
Unlock the Secrets to Effortless Video Creation with Invideo: Your Ultimate G...Unlock the Secrets to Effortless Video Creation with Invideo: Your Ultimate G...
Unlock the Secrets to Effortless Video Creation with Invideo: Your Ultimate G...
 
Energy consumption of Database Management - Florina Jonuzi
Energy consumption of Database Management - Florina JonuziEnergy consumption of Database Management - Florina Jonuzi
Energy consumption of Database Management - Florina Jonuzi
 

stackconf 2021 | Continuous Security – integrating security into your pipelines