From the course: Application Security Posture Management: Security from the Supply Chain to Cloud Runtime
Infrastructure as code scanning
- [Instructor] It's unfortunate that cloud security posture management took off before many other tools in the cloud security space. While scanning for misconfigurations at runtime is all well and good, most enterprises run their entire cloud infrastructure from infrastructure as code, most commonly Terraform and Helm. These configuration languages define the entire cloud environment in advance, allowing security teams to immediately surface security issues to teams instead of waiting until it's already been deployed, where it can be very hard and time-consuming to fix. Infrastructure as code scanning can be a bit complicated for a few reasons. First, there are a lot of different types of infrastructure as code, from Helm charts to Kubernetes deployments to Terraform and lots and lots of other things in between. It's difficult to find an IaC scanner that does a really great job at all of them. So we're going to take this time to just dive in and try a couple of them out. Back in our…
Contents
- Challenges with securing code (4m 34s)
- Static application security testing (SAST) (4m 50s)
- Software bill of materials (SBOM) (5m 14s)
- Software composition analysis (SCA) (4m 50s)
- Secret scanning (5m 25s)
- Infrastructure as code scanning (3m 27s)
- Challenge: Run your own scan (59s)
- Solution: Run your own scan (1m 35s)