DevSecOps for Kubernetes-based Applications

In this webinar, we will discuss concerns over security, privacy, and compliance holding back organizations from making the move to fully cloud-native initiatives. As more and more companies orchestrate their containerized applications in Kubernetes, enabling DevSecOps and continuous security becomes a must.

We will look at the end-to-end SDLC process – from the first line of code up to an application running in a Kubernetes cluster – to examine the importance of DevSecOps. Where can you start, what does it look like for a developer, key patterns for success, and how you can achieve speed and scale while reducing risk and ensuring compliance.

Agenda :

• From DevOps to DevSecOps
• Container security: why it is different, and tips for streamlining security and governance for cloud-native apps
• Patterns for minimizing setup and process overhead for developers to accelerate DevSecOps adoption
• Overview of the end-to-end delivery process for K8s-based apps – highlighting key security concerns along the way and best practices for addressing them.
• Demo of how to use the JFrog Platform to enable DevSecOps and “shift-left” security for Kubernetes applications. We’ll review Artifactory, JFrog Xray for built-in continuous security and deep recursive scanning of container images, setting up compliance rules, CI/CD Pipelines, and more.