Conf42: Cloud Native 2022

...

5 Open Source Cloud Native Security Tools All Devs Should Know About

Aviram Shmueli
Co-Founder & CPO @ Jit

Aviram Shmueli's LinkedIn account Aviram Shmueli's twitter account



The minimum viable security (MVS) approach, enables us to easily bake security into our cloud config files, apps, and CI/CD processes with a few simple controls built - and the great part? It’s easily achievable through cloud native open source tooling.

In this talk we will focus on five critical security controls that will be integrated as part of your typical cloud native operations and CI/CD pipeline and provide an overview of some of the existing tools for which challenge - with our take on the right one for the job - from npm audit to OWASP dependency check, Gitleaks to detect-secrets, to KICS & Chekhov for IaC scanning, Trivy to container security scanning, OWASP ZAP and much more. These controls will provide a foundational framework for securing your applications from the first line of code, that will make it possible to continuously iterate and evolve your security maturity all the way through advanced layers of security that comes with time, as well as increased experience with your deployments, stacks, and security posture.

Code examples & demos will be showcased as part of this session.

Awesome tech events for

Priority access to all content

Community Discord

Exclusive promotions and giveaways