Episode 36 - Let's Talk Secure Coding and Container Security

24/02/2021 41 min Season 2 Episode 8

Episode Synopsis

In this episode I talk with Clinton Herget about secure coding, container security and the importance of having a DevSecOps mindset. Clinton is the Principal Federal Solutions Engineer for Snyk.

Talking Points (including SSDLC diagram):
- Software Vulnerabilities can happen even before your first line of custom code (Open Source Libraries)
- Review an example of a Secure Software Development Lifecycle Diagram (SSDLC)
- Pros and cons of using a Static Application Scanning Tool (SAST)
- Pros and cons of using a Dynamic Application Scanning Tool (DAST)
- Container Security:
  - Image scanning guidance
  - Pros and cons of containers

Podcast Sponsor Info: Snyk is a developer security company based out of Boston (Home of Great Chowdah) Massachusetts. Part of the sponsorship fees goes towards helping At Risk students in West Michigan.

More episodes of the podcast Hashtag Realtalk with Aaron Bregg