This video shows how any developer can use security scanners effectively to improve the security posture of their workloads and services.
We cover:
Scanning your source code
Fixing vulnerabilities in your source code
Ignoring vulnerabilities that you cannot fix
Patching vulnerabilities by overriding the vulnerable library
Scanning your configuration files such as your Dockerfile for vulnerabilities
and more!
------------------------------------------------------------------------------------------------------
The blog post on "The lifecycle of a Vulnerability" https://anaisurl.com/the-lifecycle-of...
------------------------------------------------------------------------------------------------------
Additional resources used:
Trivy GitHub: https://github.com/aquasecurity/trivy
Install Trivy: https://aquasecurity.github.io/trivy/...
Filter vulnerabilities Documentation: https://aquasecurity.github.io/trivy/...
Filter Vulnerabilities Tutorial: https://www.youtube.com/@AquaSecOSS/s...
The Aqua Security Open Source Channel: / @aquasecoss
Example application used: https://github.com/Cloud-Native-Secur...
------------------------------------------------------------------------------------------------------
Chapters:
00:00 - Intro to the video
02:02 - Introduction to filtering vulnerabilities
03:25 - Scanning your source code
04:49 - Fixing vulnerabilities in your source code
05:19 - Identify the source of the vulnerability
08:08 - Patching vulnerabilities by overriding the vulnerable library
10:46 - Make sure your container image still works
12:03 - Scanning your configuration files such as your Dockerfile for vulnerabilities
13:15 - Fix your base container image
16:11 - Outro