Training Session Video
Notable logs from the chat during the session
14:35:52 From evanjones : Q.) What about Pulumi in regards to being used a IaC?
14:47:25 From Barak Schoster : https://github.com/bridgecrewio/terragoat
14:50:33 From Corcoran Smith : Checkov is The Answer
14:51:04 From Barak Schoster : https://github.com/bridgecrewio/checkov
14:51:10 From Barak Schoster : brew tap bridgecrewio/checkov https://github.com/bridgecrewio/checkov
brew install checkov
14:51:13 From Corcoran Smith : Checkov even works on Windows :wink:
14:59:52 From Corcoran Smith : Secrets in TF state are a massive headache, for sure. Sops, Hashi Vault both help here. 15:07:10 From Didar Gelici : can you show how to exit vim?
15:07:12 From Didar Gelici : lol
15:07:38 From evanjones : Or :wq if you want to save
15:11:33 From Didar Gelici : https://www.checkov.io/
15:11:34 From Didar Gelici : https://www.checkov.io/documentation
15:12:06 From Corcoran Smith : Custom rules and store them in a GitHub repo? :wink:
15:36:21 From evanjones : Twitter handle?
15:36:31 From Barak Schoster : @BarakSchoster
About this talk:
Planning, provisioning, and changing infrastructure are becoming vital to rapid cloud application development. Incorporating infrastructure-as-code into software development promotes transparency and immutability and helps prevent bad configurations upstream.
In this talk:
We’ll cover the current state of infrastructure security in the open source registries.
From there we will continue to discuss best practices for writing, testing, and maintaining infrastructure at scale, keeping the infrastructure code secured using open source scanners.
We will cover infrastructure security use cases like encryption, public facing data entities and plain text secrets, And will show how to find those using policy as code.
Back to list of all Training Sessions