AquaSec CNAPP & trivy

A Cloud-Native Application Protection Platform (CNAPP) is an integrated security solution designed to provide comprehensive visibility and protection for cloud-native applications throughout their lifecycle, from development to production. It integrates multiple security capabilities, such as CSPM (Cloud Security Posture Management), CWPP (Cloud Workload Protection), and others like CIEM and API security, into a single solution to simplify management, … Continue reading AquaSec CNAPP & trivy

Cosign vs Kyverno

brew install cosign mshaik@rafis-MacBook-Pro ~ % docker pull nginx Using default tag: latest latest: Pulling from library/nginx d7ecded7702a: Pull complete 266626526d42: Pull complete 320b0949be89: Pull complete d921c57c6a81: Pull complete 9def903993e4: Pull complete 52bc359bcbd7: Pull complete e2f8e296d9df: Pull complete Digest: sha256:1beed3ca46acebe9d3fb62e9067f03d05d5bfa97a00f30938a0a3580563272ad Status: Downloaded newer image for nginx:latest docker.io/library/nginx:latest docker images REPOSITORY TAG IMAGE ID CREATED SIZE … Continue reading Cosign vs Kyverno

GitHub Actions 

GitHub Actions is a continuous integration and continuous delivery (CI/CD) platform that allows you to automate your build, test, and deployment pipeline. Events that trigger workflows https://docs.github.com/en/actions/reference/workflows-and-actions/events-that-trigger-workflows https://docs.github.com/en/actions/reference/workflows-and-actions/events-that-trigger-workflows https://docs.github.com/en/actions/how-tos/write-workflows/choose-when-workflows-run/trigger-a-workflow https://github.com/google-github-actions/example-workflows ex: https://github.com/google-github-actions/example-workflows/tree/main/.github/workflows Advantages over jenkins No Need to configure webhook if we use Github Actions Easy to write yaml based instruction rather using Jenkins  DSL (Domain-Specific … Continue reading GitHub Actions