Sign up to save your podcasts
Or
Share Episode 36 - Let's Talk Secure Coding and Container Security
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Episode 36 - Let's Talk Secure Coding and Container Security
In this episode I talk with Clinton Herget about secure coding, container security and the importance of having a DevSecOps mindset. Clinton is the Principal Federal Solutions Engineer for Snyk.
Talking Points (including SSDLC diagram):
- Software Vulnerabilities can happen even before your first line of custom code (Open Source Libraries)
- Review an example of a Secure Software Development Lifecycle Diagram (SSDLC)
- Pros and cons of using a Static Application Scanning Tool (SAST)
- Pros and cons of using a Dynamic Application Scanning Tool (DAST)
- Container Security:
- Image scanning guidance
- Pros and cons of containers
Podcast Sponsor Info:
Snyk is a developer security company based out of Boston (Home of Great Chowdah) Massachusetts. Part of the sponsorship fees goes towards helping At Risk students in West Michigan.
View all episodes
By Aaron Bregg
4.4
55 ratings
In this episode I talk with Clinton Herget about secure coding, container security and the importance of having a DevSecOps mindset. Clinton is the Principal Federal Solutions Engineer for Snyk.
Talking Points (including SSDLC diagram):
- Software Vulnerabilities can happen even before your first line of custom code (Open Source Libraries)
- Review an example of a Secure Software Development Lifecycle Diagram (SSDLC)
- Pros and cons of using a Static Application Scanning Tool (SAST)
- Pros and cons of using a Dynamic Application Scanning Tool (DAST)
- Container Security:
- Image scanning guidance
- Pros and cons of containers
Podcast Sponsor Info:
Snyk is a developer security company based out of Boston (Home of Great Chowdah) Massachusetts. Part of the sponsorship fees goes towards helping At Risk students in West Michigan.