Securing Software Pipelines with Xray
Xray allows integration and automation with your organization's CI/CD pipeline and provides DevSecOps engineers and Developers with trust in their software releases. In this course, you'll learn about the Xray solution, its architecture and its components, as well as how Xray works at each step in the DevOps cycle. You will learn how to perform a deep scan of artifacts, as well as how to integrate Xray with an existing CI/CD pipeline and allow other binary analysis tools to build on its capabilities.
After completing the course, you will be able to:
- Use Xray to identify and resolve security issues
- Use different types of enforcement policies
- Integrate with CI/CD pipeline
- Perform a deep scan of artifacts and create a graph of relationships between software components
Who is this course for?
Application Security Engineers, DevSecOps, DevOps engineers and Developers who are new to JFrog Xray and use JFrog Xray to detect and fix vulnerabilities in their open source dependencies and binaries.
- Policies and Watches
- License Policies
- Security Policies
Scanning with Xray
Understanding of modern packaged software development processes.
Familiarity with programming languages such as Java, npm or Python is required.
Basic understanding of JFrog Artifactory