Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Learning DevOps The complete guide to accelerate collaboration with Jenkins, Kubernetes, Terraform and Azure DevOps

Product type Paperback

Published in Oct 2019

Publisher Packt

ISBN-13 9781838642730

Length 504 pages

Edition 1st Edition

Tools

Azure

Concepts

DevOps

Author (1):

Mikael Krief

View More author details

Table of Contents (23) Chapters

Preface

1. Section 1: DevOps and Infrastructure as Code FREE CHAPTER

2. DevOps Culture and Practices

3. Provisioning Cloud Infrastructure with Terraform

4. Using Ansible for Configuring IaaS Infrastructure

5. Optimizing Infrastructure Deployment with Packer

6. Section 2: DevOps CI/CD Pipeline

7. Managing Your Source Code with Git

8. Continuous Integration and Continuous Delivery

9. Section 3: Containerized Applications with Docker and Kubernetes

10. Containerizing Your Application with Docker

11. Managing Containers Effectively with Kubernetes

12. Section 4: Testing Your Application

13. Testing APIs with Postman

14. Static Code Analysis with SonarQube

15. Security and Performance Tests

16. Section 5: Taking DevOps Further

17. Security in the DevOps Process with DevSecOps

18. Reducing Deployment Downtime

19. DevOps for Open Source Projects

20. DevOps Best Practices

21. Assessments

22. Other Books You May Enjoy

Leave a review - let other readers know what you think

Detecting security vulnerabilities with WhiteSource Bolt

Due to their public visibility, open source projects or components are highly exposed to security vulnerabilities because it is easier to unintentionally inject a component (a package or one of its dependencies) containing a security vulnerability into them.

In addition to static source code analysis, it is also very important to continuously check the security of packages that are referenced or used in our open source projects.

There are many tools available that we can use to analyze the security of referenced packages in applications, such as SonaType AppScan (https://www.sonatype.com/appscan), Snyk (https://snyk.io/), and WhiteSource Bolt (https://bolt.whitesourcesoftware.com/).

For more information on open source vulnerability scanning tools, take a look at the following article, which lists 13 tools that analyze the...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (1)

Mikael Krief

Mikael Krief is a DevOps engineer who lives in France. He believes that Infrastructure as Code is a fundamental practice in DevOps culture. He is therefore interested in HashiCorp products and specializes in the use of Terraform. Mikael loves to share his passion through various communities, such as the HashiCorp User Groups. Over the years, he has contributed to many public projects, written various blog posts, published several books, and spoken at leading conferences. For his contributions and passion, he was nominated and selected as a HashiCorp Ambassador since 2019, and he has been awarded the Microsoft Most Valuable Professional (MVP) award for 7 years.

See other products by Mikael Krief