Slide 44
Security Best Practices
● Application Code
○ Code Linters
○ Dependency Scanning
○ Code Analysis (static, dynamic, variant and manual analysis)
● Infrastructure Code
○ Dockerfile (CIS benchmarks, security best practices)
○ Kubernetes manifests/Helm charts (CIS benchmarks, least privilege)
○ Host images, host infrastructure (Terraform, cloud infra security configs)
○ Container Registry, Config Management
● Sensitive information checks (secrets, API keys, etc.)
● Version Control System (Config, PRs, MRs, etc.)
● Manual Review/Approval/Verification
@madhuakula
#GitHubSatellite