From the course: Microservices Security Workshop: From Build to Production
Join today to access over 25,500 courses taught by industry experts.
Securing artifact repositories (artifactories)
From the course: Microservices Security Workshop: From Build to Production
Securing artifact repositories (artifactories)
- [Instructor] Let's take a lesson to talk about a part of the build process that often gets overlooked in microservice security, the artifact repository. In a typical CI/CD pipeline, code goes through a test phase where unit or integration tests are run, followed by a build phase where some kind of artifact is produced. That artifact might be a compiled binary, a container image, a static file bundle. Regardless of what form it takes, the outputs of the build phase is known as an artifact, and these artifacts are typically uploaded to a centralized storage system known as an artifact repository or artifactory. Artifactory tools include services like JFrog Artifactory, GitHub Packages, AWS Container Registry, and many, many others. These are repositories are where build systems push the final compiled result before a deployment, and where orchestrators or cloud platforms then pull those artifacts and deploy them out into production. For microservice environments where each service may…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
(Locked)
CI/CD security4m 2s
-
(Locked)
Securing artifact repositories (artifactories)3m 44s
-
(Locked)
Container scanning4m 4s
-
(Locked)
DAST for microservices3m 22s
-
(Locked)
Microservice backups3m 54s
-
(Locked)
Encryption and service mesh3m 30s
-
(Locked)
Red teaming and penetration testing (pentesting)3m 58s
-
(Locked)
Challenge: Run and fix a container scan59s
-
(Locked)
Solution: Run and fix a container scan3m 2s
-
(Locked)
-
-