From the course: Microservices Security Workshop: From Build to Production
Join today to access over 25,500 courses taught by industry experts.
Challenge: Run and fix a container scan
From the course: Microservices Security Workshop: From Build to Production
Challenge: Run and fix a container scan
(upbeat music) - [Instructor] For this challenge, we will be running a container vulnerability scan, much like we ran a static analysis in the last challenge. First, I've created this container-scanners file here with a bunch of popular open source scanners that you can take a look at. I'll be using trivia for this one. Make sure you are on the 0308 container challenges branch in order to see this. From here, we will need to build an image that we want to scan. So let's hit into the creation service just for an example, and build the image, and we will tag it, demo:latest. And so now that that image is built, I can list it with the docker images command. Here you'll see the demo image and the latest tag. And so if I want to run a trivy scan, I can just trivy image demo:latest, and that will kick off a scan. In the next video, we will review these results, and talk about why things get complicated.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
(Locked)
CI/CD security4m 2s
-
(Locked)
Securing artifact repositories (artifactories)3m 44s
-
(Locked)
Container scanning4m 4s
-
(Locked)
DAST for microservices3m 22s
-
(Locked)
Microservice backups3m 54s
-
(Locked)
Encryption and service mesh3m 30s
-
(Locked)
Red teaming and penetration testing (pentesting)3m 58s
-
(Locked)
Challenge: Run and fix a container scan59s
-
(Locked)
Solution: Run and fix a container scan3m 2s
-
(Locked)
-
-