Episode 36 - Let's Talk Secure Coding and Container Security

Info

Hashtag Realtalk with Aaron Bregg

Feb 24, 2021 Season 2 Episode 8

Aaron Bregg

In this episode I talk with Clinton Herget about secure coding, container security and the importance of having a DevSecOps mindset. Clinton is the Principal Federal Solutions Engineer for Snyk.

Talking Points (including SSDLC diagram):

Software Vulnerabilities can happen even before your first line of custom code (Open Source Libraries)
Review an example of a Secure Software Development Lifecycle Diagram (SSDLC)
Pros and cons of using a Static Application Scanning Tool (SAST)
Pros and cons of using a Dynamic Application Scanning Tool (DAST)
Container Security:
- Image scanning guidance
- Pros and cons of containers

Podcast Sponsor Info:

Snyk is a developer security company based out of Boston (Home of Great Chowdah) Massachusetts. Part of the sponsorship fees goes towards helping At Risk students in West Michigan.

In this episode I talk with Clinton Herget about secure coding, container security and the importance of having a DevSecOps mindset. Clinton is the Principal Federal Solutions Engineer for Snyk.

Talking Points (including SSDLC diagram):

Software Vulnerabilities can happen even before your first line of custom code (Open Source Libraries)
Review an example of a Secure Software Development Lifecycle Diagram (SSDLC)
Pros and cons of using a Static Application Scanning Tool (SAST)
Pros and cons of using a Dynamic Application Scanning Tool (DAST)
Container Security:
- Image scanning guidance
- Pros and cons of containers

Podcast Sponsor Info:

Snyk is a developer security company based out of Boston (Home of Great Chowdah) Massachusetts. Part of the sponsorship fees goes towards helping At Risk students in West Michigan.

Hashtag Realtalk with Aaron Bregg

Episode 36 - Let's Talk Secure Coding and Container Security

Listen to this podcast on