How to Integrate Container Security into the CI/CD Pipeline with JFrog Xray and NeuVector

In this webinar, JFrog and NeuVector will discuss the attack vectors in the pipeline and how to build security into the CI/CD process from build to ship to run-time. This will enable organizations to achieve Continuous Protection (CP) for their entire pipeline.

Agenda:

The phases where Xray protects against vulnerabilities and license compliance issues

  • IDE integration
  • Build integration
  • Preventing downloads of a Docker Registry
  • Promoting only allowed Docker images to a trusted repository

Preventing Unauthorized Deployments and Run-Time Attacks

  • Overview of the attack surface and run-time security issues
  • The phases in which NeuVector protects – live demo:
    • Allowing the deployment of containers only from Artifactory’s trusted repository
    • Enforcing admission control, taking into account the metadata from Xray
    • Detecting and preventing attacks during run-time

Resources: 

Spin up a free instance for JFrog Xray

Universal Component Analysis with JFrog Xray

Getting Started with NeuVector

Release Fast Or Die