You have written your next application using the latest frameworks, technologies and deployed it on your favourite cloud provider. The sky is the limit and with full confidence you put your application into production. After some time you see unexpected behaviour and even security breaches. How can this happen?? You are using Spring, Java, Groovy, Docker and are a heck of a programmer. It could not be your fault or is it?
This talk will make you, as a developer, aware of your liability and duty of care on the applications and infrastructure that you create. It will introduce you to tools that enable you to quickly identify possible compliance and security issues.
- Cloud infrastructure best practice and compliance scanning
- Docker container security and compliance testing
- Application analyses (code quality, dependency management, license overviews)
- How to integrate application analyses, cloud infrastructure scanning and container security in your DevOps pipeline