Sonarqube, Docker Scout, OWASP Dependency Check, Trivy. To my knowledge tools are instrumental in maintaining security and compliance throughout the development lifecycle, ensuring that code, containers, and dependencies are robust and secure.
Thank you so much for your informative video. I think you need to change Dockerfile and remove line "CMD ["nginx", "-g", "daemon off;"]" from it. Otherwise you get an error "nginx: invalid option: "nginx" and your container will be exited.
My container is not running after adding cves and sbom commands. It's exiting instead of running when i execute the script. How to resolve this and get my container running?
ZAP is not OWASP anymore. From Wikipedia: "As of August 1, 2023, the ZAP development team announced that ZAP was leaving the OWASP Foundation to join The Software Security Project, as a founding project [7][8] and henceforth will be simply called ZAP. "
What are your favorite DevSecOps tools? LMK!
Sonarqube, Docker Scout, OWASP Dependency Check, Trivy. To my knowledge tools are instrumental in maintaining security and compliance throughout the development lifecycle, ensuring that code, containers, and dependencies are robust and secure.
SonarQube, Trivy, OWAPS, Prometheus and Grafana.
I completely agree on the statement made 16:40, I got more than a decade experience in securing DevOps but most organisation don't have this practice.
Thank you for sharing your experience in detail and requesting you to make these kind of knowledgebase videos.
Thanks for the simple and clean explanation where to start with secops. Great tutorial!
🎉 I loved every bit of the video. Clear and precise... watching all over again. Thanks a million... Waiting for part 2 😊
Great video and explanation at the beginning of the video!
Thank you for sharing an awesome video 🙂
Great video, please more
why does DevSecOps positions require so much experience when it seems this simple? and great video by the way helped me a lot
+1
HR wouldn't see it as valuable if it would be just this. So the pay would be low
Awesome thanks!!
Thank you so much for your informative video. I think you need to change Dockerfile and remove line "CMD ["nginx", "-g", "daemon off;"]" from it. Otherwise you get an error "nginx: invalid option: "nginx" and your container will be exited.
thank you sir!
My container is not running after adding cves and sbom commands. It's exiting instead of running when i execute the script. How to resolve this and get my container running?
ZAP is not OWASP anymore.
From Wikipedia:
"As of August 1, 2023, the ZAP development team announced that ZAP was leaving the OWASP Foundation to join The Software Security Project, as a founding project [7][8] and henceforth will be simply called ZAP. "
The link repo doesn’t exist
sorry, it was set to private. It's fixed now
could you please share the flowchart what you have created
Link to the eraser whiteboard is in the description 👍
Hello, I came across this amazing video on DevSecOps and can anyone help me on where to find the github repo He mention in the video?
Here you go:
github.com/devopsjourney1/DevSecOps-nginx
@@DevOpsJourneydoesn’t exist
Pushing security towards developers. First improvement, ban AI coding tools.
Can’t ban them, they will take all the white collar jobs. It’s just a soon to be fact. Unless this AI hype dies or startups in AI continue to implode.
Just for some additional context what makes you say this?