Skip to content

Latest commit

 

History

History
18 lines (9 loc) · 1.29 KB

additional-resources-and-next-steps.md

File metadata and controls

18 lines (9 loc) · 1.29 KB

Workshop Wrap Up

Thank You!

As you experienced, DecSecOps is an emerging set of practices, processes, and tools to help organizations use, maintain, and secure the software they create. Most organizations have started their DevSecOps journey by finding and fixing their open source vulnerabilities.

As organizations migrate to containers, they continue to evolve their security practices to generate a secure software supply chain to accelerate delivery. As infrastructure configuration becomes part of the software baseline, we need better tools to validate and secure these new artifacts.

I want to thank you for your time and completing the exercises in this workshop.

Additional Resources

Additional DevSecOps resources are available on Snyk's DevSecOps Hub. The open-source security foundation under the Linux Foundation. For more details, please visit https://openssf.org/.

Next Steps

The workshop has an additional exercise for anyone interested. The CI/CD pipeline also builds a cloud-native container image using the Cloud Native Buildpacks and the pack command. The Github action to monitor the container images is inactive, but the image results can be monitored via Snyk and compared to the Docker file approach used in the workshop.