December 31, 2022

#8 - Application Security

Listen Later

23 minutes

Send us a text

In this episode we discussed all-things application security; from scanning, to designing with security in mind, through OWASP and sources of information we feel engineers in the world of dev / ops should be aware of and familiar with!

We talked about:

OWASP Top 10 - https://owasp.org/www-project-top-ten
Git leaks - https://github.com/zricethezav/gitleaks
12 Factor - https://12factor.net
Scanners: [Python Bandit: https://bandit.readthedocs.io/en/latest, Go: https://pkg.go.dev/golang.org/x/vuln/cmd/govulncheck]
Clair static analysis for containers: https://github.com/quay/clair
Bug Bounty platforms: HackerOne, Bugcrowd, Intigrity
BGP repo cleaner - remove secrets from git history: https://rtyley.github.io/bfg-repo-cleaner
Harden EKS - https://github.com/aws-samples/hardeneks

Meir's blog: https://meirg.co.il
Omer's blog: https://omerxx.com
Telegram channel: https://t.me/espressops

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

DevOps Topeaks

By Omer Hamerman & Meir Gabay

5

33 ratings

December 31, 2022

#8 - Application Security

Listen Later

23 minutes

Send us a text

In this episode we discussed all-things application security; from scanning, to designing with security in mind, through OWASP and sources of information we feel engineers in the world of dev / ops should be aware of and familiar with!

We talked about:

OWASP Top 10 - https://owasp.org/www-project-top-ten
Git leaks - https://github.com/zricethezav/gitleaks
12 Factor - https://12factor.net
Scanners: [Python Bandit: https://bandit.readthedocs.io/en/latest, Go: https://pkg.go.dev/golang.org/x/vuln/cmd/govulncheck]
Clair static analysis for containers: https://github.com/quay/clair
Bug Bounty platforms: HackerOne, Bugcrowd, Intigrity
BGP repo cleaner - remove secrets from git history: https://rtyley.github.io/bfg-repo-cleaner
Harden EKS - https://github.com/aws-samples/hardeneks

Meir's blog: https://meirg.co.il
Omer's blog: https://omerxx.com
Telegram channel: https://t.me/espressops

...more

More shows like DevOps Topeaks

The Changelog: Software Development, Open Source by Changelog Media

The Changelog: Software Development, Open Source

290 Listeners

Software Engineering Daily by Software Engineering Daily

Software Engineering Daily

625 Listeners

Python Bytes by Michael Kennedy and Brian Okken

Python Bytes

213 Listeners

Syntax - Tasty Web Development Treats by Wes Bos & Scott Tolinski - Full Stack JavaScript Web Developers

Syntax - Tasty Web Development Treats

985 Listeners

Screaming in the Cloud by Corey Quinn

Screaming in the Cloud

92 Listeners

Confluent Developer ft. Tim Berglund, Adi Polak & Viktor Gamov by Confluent

Confluent Developer ft. Tim Berglund, Adi Polak & Viktor Gamov

43 Listeners

AWS Podcast by Amazon Web Services

AWS Podcast

202 Listeners

Cup o' Go by Jonathan Hall & Shay Nehmad

Cup o' Go

16 Listeners

Kubernetes for Humans by Komodor

Kubernetes for Humans

2 Listeners