Automate compliance and security scans along with secrets management into your development and delivery workflow.
In security circles, you'll often hear talk of "shift-left" mindsets. More security responsibility and mitigation is moving into the hands of developers and architects (system design). To support that shift, tools are beginning to catch up with new security paradigms and allow teams to implement security as code and secure development / delivery lifecycles.
In this presentation at the Google Cloud digital conference, Senior HashiCorp Solutions Engineer Ryan Hall will walk through a demo of several tools and services that teams can use to secure their CI/CD pipeline and build automated security compliance into their coding and container deployment workflows.
This talk will cover: - How container security is different - What container security often looks like - How container security should look - Solutions: - HashiCorp Vault - Container registry vulnerability scanning - Binary authorization by Google Cloud - Q&A