HOW TO BUILD A CLOUD-NATIVE DEVSECOPS PIPELINE WITH JFROG AND AWS

Are you taking advantage of the best practices to easily adopt DevSecOps in the cloud?

Discover the strategies and tools you can use to ensure you can easily overcome the challenges of securing your software releases.

We will share best practices for taking advantage of DevSecOps in the cloud with JFrog and AWS. We’ll share pipeline design and architecture patterns; tips for minimizing setup, re-work and process overhead for developers; shifting-left security testing and remediation, and more. As an example we’ll explore how RedBox implemented a large-scale, cloud-native DevSecOps pipeline to service their entire cloud operations with JFrog and AWS.

Sven Ruppert, DevSecOps Developer Advocate at JFrog and Ryan Vanderwerf, Partner Solutions Architect at Amazon will discuss:

  • The benefits of a universal cloud-native DevSecOps pipeline built with the JFrog Platform on AWS, using RedBox as a use case
  • Key challenges with adopting DevSecOps at scale, and how to overcome them
  • A short overview of the JFrog Platform and how it’s the perfect fit for DevSecOps In-depth look at how JFrog Xray and how it protects you against open source vulnerabilities and license compliance issues throughout your SDLC: spanning binary management, container images, and your end-to-end CI/CD pipelines
  • How to use the Integrations Xray has with different IDE’s and CI Servers to enforce “shift left” security testing.
  • Conclusion: The future of DevSecOps

Additional Resources:

 

Release Fast Or Die