Video: Dockerfile Scanning with Fortify SCA

0 Likes
9 months ago

YouTube link: https://www.youtube.com/watch?v=kO7skR5yNKo

Demo of Dockerfile Scanning with Fortify Static Code Analyzer (SCA), new with release 20.2 (Nov 2020).

Scanning of Docker Config files

- Help developers create more secure container images as part of the SDL

- Complements scanning base images for known vulnerabilities

- Supports custom rules for use cases such as verifying use of company approved base images - Dockerfiles in 20.2 (6 vulnerability categories)

- Docker Compose, K8 Helm Charts and Infrastructure as Code in future releases

- Based on CIS Benchmark

Labels:

Videos
Comment List
Anonymous
Related Discussions
Recommended