Xray Policies and Watches (05:24)
Xray License Policy (06:10)
Xray Security Policy (05:20)
JFrog Xray: Policies and Watches (2020+)
Course Duration: 20 minutes
In this DevSecOps course, we will describe the two types of policies in JFrog Xray and the DevSecOps fundamentals necessary to secure your environment. We will explain how policy scope is defined in a watch and describe the benefits of this model for governing your organization’s security and license issues. In addition, we will demonstrate how to create a license policy and a security policy and assign our policies to a new or existing watch.
JFrog Xray DevSecOps tool allows a great level of flexibility used for onboarding new projects or legacy applications by providing a large measure of flexibility is defining the scope of each policy rule (watches) and the action that needs to be taken upon identifying various levels of severities in your artifacts (policies). With this granularity in place, one can define different sets of policies and watches to accommodate the different levels of governance required for its projects, all in one place.
In addition to learning Xray watches, this course will show you how to set up policies to ensure the security of your platform. Policies control the rules around vulnerability and risk scores, licensing rules overseeing compliance, and the rules for the alerts system in place that lets administrators and project owners get alerted when a violation was found. Configuration of these rules will be covered in this course so that they can be fully leveraged for cybersecurity.
Finally, this course will go through the Xray license policies so that administrators can learn how to configure settings that scan artifacts for compliance issues. This DevSecOps course takes you through policy, licensing rules, and watches step-by-step to help with JFrog Xray setup and guidance.
In this course we will cover
- Xray Policies and Watches to better secure your environment
- The Xray License Policy that determines any licensing violations
- Xray Security Policy for platform security
Who should take this DevSecOps course?
Xray administrators, Artifactory administrators, Application Security Engineers, DevSecOps and DevOps engineers who are new to JFrog Xray. Any administrator of DevSecOps staff who will be responsible for security of the JFrog platform can benefit from taking this course and learning Xray policies and watches.
Policies and Watches Course Completion
In order to complete the course, you must answer at least 70% of the quiz questions correctly.
Additional DevSecOps free online courses available on JFrog Academy: