Artefact Scanning

1. Amazon ECR (Elastic Container Registry) with Image Scanning: Automatically scans container images for vulnerabilities.
2. Amazon Inspector: An automated security assessment service that helps improve the security and compliance of applications deployed on AWS by scanning EC2 instances.
3. AWS CodePipeline with integrated security tools: Ensures continuous integration and delivery pipelines include security checks.

1. GitLab Container Scanning: Scans Docker images for known vulnerabilities.
2. GitLab Dependency Scanning: Detects vulnerabilities in your project dependencies.
3. GitLab SAST (Static Application Security Testing): Analyzes source code to find security vulnerabilities.
4. GitLab DAST (Dynamic Application Security Testing): Scans running web applications for vulnerabilities.
5. GitLab API Fuzzing: Tests APIs for security vulnerabilities by fuzzing.

Cloud Configuration

1. AWS CloudFormation: Manages and provisions AWS infrastructure using code.
2. AWS Config: Continuously monitors and records your AWS resource configurations and helps you automate the evaluation of recorded configurations against desired configurations.
3. AWS Security Hub: Provides a comprehensive view of your security state within AWS and helps you check your compliance with security standards.
4. AWS Artifact: Provides on-demand access to AWS’s security and compliance reports and select online agreements.
5. AWS Organizations: Central management and governance of your AWS environment.

1. GitLab CI/CD: Integrates security and compliance checks into your continuous integration and delivery pipelines.
2. GitLab Compliance Dashboard: Monitors and enforces compliance policies across your GitLab projects.
3. GitLab Infrastructure as Code (IaC) Scanning: Integrates IaC security scans into your CI/CD pipeline using tools like Terrascan or Checkov.
4. GitLab Audit Events: Tracks changes and activities within GitLab for compliance and security purposes.

Runtime Protection

1. Amazon GuardDuty: Provides intelligent threat detection and continuous monitoring.
2. AWS Shield: Managed DDoS protection for your AWS applications.
3. AWS WAF (Web Application Firewall): Helps protect your web applications and APIs from common web exploits.
4. AWS Systems Manager: Provides operational insights and security for your applications.
5. AWS CloudTrail: Logs and monitors activity in your AWS account.
6. AWS Detective: Analyzes, investigates, and quickly identifies the root cause of potential security issues or suspicious activities.
7. AWS IAM (Identity and Access Management): Manages access to AWS services and resources securely.
8. AWS KMS (Key Management Service): Manages encryption keys used to encrypt your data.

1. GitLab Security Alerts: Notifies and tracks vulnerabilities found in your projects.
2. GitLab Role-Based Access Control (RBAC): Manages permissions and access controls within your GitLab projects.
3. GitLab Secrets Management: Securely manages and injects secrets into your CI/CD jobs.
4. GitLab Data Masking: Redacts sensitive information from job logs to prevent exposure of sensitive data.