fbpx

Red Hat OpenShift Commons Briefing: Securing a DevOps OpenShift Pipeline, September 26, 2018

Event date

September 26, 2018


ZeroNorth VP of Engineering Andrei Bezdedeanu and Director of Engineering Sergey Bobrov discuss “Securing a DevOps OpenShift Pipeline” at Red Hat OpenShift Commons.

Abstract: 

The ZeroNorth™ platform integrates seamlessly into the DevOps process and enables continuous scanning capabilities at every stage. As code gets written and committed to code repositories, as build processes complete, ZeroNorth can submit the code or build artifacts to scanning by a variety of open source and commercial SAST and SCA tools. The platform provides a unified integration to all products, which lowers the barriers for adoption and potential switching costs. Similarly, container images can be scanned as soon as they are built or posted to repositories such a Docker Hub, Artifactory or Nexus.

Within an OpenShift environment ZeroNorth discovers and automatically scans all applications deployed, as well as the published external routes, with a range of DAST open source or commercial products. As new applications get deployed or new routes created, ZeroNorth can detect them, automatically create new targets and scan them immediately for any vulnerabilities or misconfigurations.

Scan results from the entire security toolchain are collected, normalized and deduplicated in order to provide the most concise and accurate view of the customer’s Security Posture at an application level. Static and dynamic scan results are correlated to provide valuable information about the most critical vulnerabilities as well as point out the root causes of the exploits observed against the applications.

ZeroNorth dashboards present data relevant to the executive level as well as for application stakeholders and individual contributors. Ultimately, the platform provides a clear view of Application and Enterprise Risk and helps users answer key business questions regarding the security and quality of the applications within the enterprise.


Demo Videos

5-Min Demo Video: A Single Source of Truth on AppSec Risk with ZeroNorth DevSecOps Analytics & Reporting

The key to reducing AppSec risk is pretty simple. It all starts with AppSec visibility and everyone looking at the same data. AppSec visibility data provides ...

Watch Now

Webinars: On-Demand

AppSec Risk: You Can’t Manage What You Can’t Measure

The key to reducing AppSec risk is pretty simple. It all starts with AppSec visibility and everyone looking at the same data. AppSec visibility data provides ...

Watch Now

Latest Events

Black Hat 2021

Black Hat 2021, July 31-August 5

Black Hat 2021 has a jam-packed agenda, complete with a full AppSec track. And the ZeroNorth team is ready to connect with you and discuss how ...

View Event
Shifting Left

Shifting Left 2.0, June 22-23, 2021

 SHIFTING LEFT 2.0 is taking place June 22 and 23, DevOps and security thought leaders will come together to discuss the latest trends, best practices and the future ...

View Event

The ZeroNorth DevSecOps platform offers options for your DevSecOps journey—getting started with AppSec, finding enterprise visibility or fully integrating security into DevOps.