Want to get into the world of DevSecOps? In this video we go over important DevSecOps Principles like SCA, SAST, SBOM, SecretScanners and removing vulnerabilities by reducing your security footprint with Distroless images.
Distroless Images article: https://edu.chainguard.dev/chainguard/chainguard-images/getting-started-distroless?utm_source=bradmorgan&utm_medium=devinfluencers&utm_campaign=FY25-DevInfluencers
Chainguard NGINX Image: https://images.chainguard.dev/directory/image/nginx/overview/?utm_source=bradmorgan&utm_medium=devinfluencers&utm_campaign=FY25-DevInfluencers
Eraser Whiteboard: https://app.eraser.io/workspace/lV8r8PWZCwuASvuEf5wF?origin=share
Docker Desktop: https://www.docker.com/products/docker-desktop/
Repo with Code: https://github.com/devopsjourney1/DevSecOps-nginx
---
Support the Channel:
🛍️ Amazon (Lab/Gear/Books): https://www.amazon.com/shop/devopsjourney
☕ Buy me a coffee: https://www.buymeacoffee.com/bradmorg
---
📘 Chapters:
0:00 Intro
1:13 Shifting Security Left
3:25 DevSecOps Pipeline whiteboarding
16:45 Lab Intro
19:54 Finding Vulnerabilities using Docker Scout
27:10 Secure Distroless Images
32:25 Generating SBOM (Software Bill of Materials)
Sponsorships:
This DevSecOps video was sponsored by Chainguard. Learn more about what they are doing for the DevSecOps world here https://www.chainguard.dev/?utm_source=bradmorgan&utm_medium=devinfluencers&utm_campaign=FY25-DevInfluencers
Eraser.io Is also a supporter of the channel. Check out their whiteboarding tool here:
https://eraser.io/