- Topic Overview
Dependency Management (05:38)
Bill of Materials (08:25)
JFrog Artifactory: Advanced Security Overview (2020+)
Duration: 20 minutes
In this short course, we will teach you how to set up your Artifactory installation in support of your security strategy. We will review dependency management strategies and will show you how to navigate project builds and how to browse dependency details.
We will cover:
- Dependency Management
- Bill of Materials
Who should take this Artifactory course?
Application Security Engineers, DevSecOps, DevOps engineers and Artifactory administrators who have experience integrating Artifactory into their pipeline.
In order to complete the course, you have to answer at least 70% of the quiz questions correctly.
Additional DevOps and DevSecOps courses:
JFrog Xray: Overview (2020+)
JFrog Xray: Policies and Watches (2020+)
JFrog Artifactory: Monitoring and Maintenance (2020+)
Now that you're using Artifactory, you need to know how to set up your installation in support of your security strategy.
We have 8 video tutorials that address the different areas of security to consider as you set up and use Artifactory.
Dependencies can introduce new vulnerabilities if you don't maintain tight control or monitor them closely. Set up Artifactory to support your strategy.
The bill of materials is more than an inventory of components in the software. We'll show you how to enable build information and navigate the details.
The permissions you set for users and groups depends on your operation strategy. Artifactory enables a fine-grained level of user authorization.
Your binaries are safe in Artifactory, but they're vulnerable in transit and at rest on the server side. Find out how to encrypt your binaries and sign them for customer use.
Package isolation and control gates help maintain the integrity of your code at the time of release. Security measures can be provisioned differently at each level of maturity using Artifactory controls.
When you use other security systems, you'll need to know how to integrate them with Artifactory and delegate authentication. We'll focus on the settings you need for a secure LDAP (pronounced el-dap) setup.
Authentication with plain text passwords leaves your system vulnerable. Make sure you use the settings in Artifactory to encrypt passwords.
When systems need access between them, you need to establish a circle of trust with access tokens. Find out how to create one in Artifactory and how to use it.