ZARZA We are Zarza, the prestigious firm behind major projects in information technology.
Listen "#8 - Application Security"
Episode Synopsis
Send us a textIn this episode we discussed all-things application security; from scanning, to designing with security in mind, through OWASP and sources of information we feel engineers in the world of dev / ops should be aware of and familiar with!We talked about:OWASP Top 10 - https://owasp.org/www-project-top-tenGit leaks - https://github.com/zricethezav/gitleaks12 Factor - https://12factor.netScanners: [Python Bandit: https://bandit.readthedocs.io/en/latest, Go: https://pkg.go.dev/golang.org/x/vuln/cmd/govulncheck]Clair static analysis for containers: https://github.com/quay/clairBug Bounty platforms: HackerOne, Bugcrowd, IntigrityBGP repo cleaner - remove secrets from git history: https://rtyley.github.io/bfg-repo-cleanerHarden EKS - https://github.com/aws-samples/hardeneksMeir's blog: https://meirg.co.ilOmer's blog: https://omerxx.com Telegram channel: https://t.me/espressops
More episodes of the podcast DevOps Topeaks
#47 - Monitoring Kubernetes Nodes
27/07/2024
#46 - Modern AI & Engineering Jobs
09/05/2024
#45 - The Glorious S3
02/05/2024
#44 - K8s is a Kindergarten
31/03/2024
#43 - Caching!
25/01/2024
#42 - Realtime DevOps Consultation
14/01/2024
#41 - Auto(no)mation
05/01/2024
#40 - ReInvent 2023 Recap
29/12/2023
#39 - DevOps Leave Managers, Not Companies
27/11/2023
#38 - Squeezing the Lemon
17/11/2023
In God we trust