GitHub: DevSecOps: Part 9/12: Vulnerability Management

How to do Vulnerability Management in GitHub?
Session 9: In this video, Padi and I will show you how to manage and track the vulnerabilities with the GitHub Vulnerability Management (Security Tab). Vulnerability Management is the recurring process of identifying, classifying, prioritizing, mitigating, and remediating vulnerabilities.
▬▬▬▬▬▬ T I M E S T A M P S ⏰ ▬▬▬▬▬▬
00:00 Welcome
00:14 Intro
00:20 How to deal with all these vulnerabilities?
00:40 DevSecOps with GitHub
01:10 Vulnerability Management in GitHub (Security Tab)
02:02 Vulnerability Management Capabilities in GitHub
04:03 Vulnerability Management Limitations in GitHub
06:41 Security Tab
06:58 Secret Scanning
08:26 Code Scanning
09:22 Dismiss alert
10:48 Create issue
12:12 Fixing the vulnerability
13:21 CI/CD Pipeline reports
13:44 Automatically resolved vulnerability
14:46 Summary
15:45 Outro
▬▬▬▬▬▬ L I N K S 🔗▬▬▬▬▬▬
Source Code
Blog-Post
GitHub
Patrick Steger
▬▬▬▬▬▬ Want to learn more? 🚀 ▬▬▬▬▬▬
GitHub: DevSecOps: Part 1/12: What is GitHub? The fundamental concepts of a DevSecOps pipeline.
GitHub: DevSecOps: Part 2/12: Introduction to GitHub
GitHub: DevSecOps: Part 3/12: Learn How to Use SCA (Software Composition Analysis)
GitHub: DevSecOps: Part 4/12: How to ensure License Compliance?
GitHub: DevSecOps: Part 5/12: Protect your Apps with Static Application Security Testing (SAST)
GitHub: DevSecOps: Part 6/12: How to use Container Scanning
GitHub: DevSecOps: Part 7/12: How to find secrets in your own code with Secret Scanning
GitHub: DevSecOps: Part 8/12: How to use Dynamic Application Security Testing (DAST)
▬▬▬▬▬▬ P L A Y L I S T S ▶️ ▬▬▬▬▬▬
Modern Software Engineering
DevOps
GitLab: Build a DevSecOps Pipeline
#devsecops #devops #github #romanoroth