DevSecOps has become a key term among today’s software developers. CircleCI integrates with tools for vulnerability scanning, secrets management, and policy compliance to help DevOps engineers increase CI/CD maturity.
CircleCI and Portshift’s integration allows users to quickly identify vulnerabilities and surface dependencies in their application(s). In addition to the classical vulnerabilities scanning, Portshift’s orb creates a unique workload identity to each image which will be used to authenticate and authorize the image when it’ll be used to deploy new pod.
In today’s webinar, we’ll review how to execute pre-configured DevSecOps jobs in your CircleCI pipelines using the Portshift scanner and workload identity orb. We’ll demo how to build secure docker images by including Portshift’s workload identity creation and vulnerability scanner in your container development pipeline. Portshift’s orb allows users to perform vulnerability scans and to collect image identity attributes. Images’ identity is a critical component in Portshift’s runtime authorization.