Artwork

Conteúdo fornecido por Security – Software Engineering Daily. Todo o conteúdo do podcast, incluindo episódios, gráficos e descrições de podcast, é carregado e fornecido diretamente por Security – Software Engineering Daily ou por seu parceiro de plataforma de podcast. Se você acredita que alguém está usando seu trabalho protegido por direitos autorais sem sua permissão, siga o processo descrito aqui https://pt.player.fm/legal.
Player FM - Aplicativo de podcast
Fique off-line com o app Player FM !

Static Analysis for Infrastructure with Guy Eisenkot

54:48
 
Compartilhar
 

Série arquivada ("Feed inativo " status)

When? This feed was archived on July 28, 2022 13:09 (1+ y ago). Last successful fetch was on April 07, 2022 07:18 (2y ago)

Why? Feed inativo status. Nossos servidores foram incapazes de recuperar um feed de podcast válido por um período razoável.

What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.

Manage episode 261585688 series 1438211
Conteúdo fornecido por Security – Software Engineering Daily. Todo o conteúdo do podcast, incluindo episódios, gráficos e descrições de podcast, é carregado e fornecido diretamente por Security – Software Engineering Daily ou por seu parceiro de plataforma de podcast. Se você acredita que alguém está usando seu trabalho protegido por direitos autorais sem sua permissão, siga o processo descrito aqui https://pt.player.fm/legal.

Infrastructure-as-code tools are used to define the architecture of software systems. Common infrastructure-as-code tools include Terraform and AWS CloudFormation. When infrastructure is defined as code, we can use static analysis tools to analyze that code for configuration mistakes, just as we could analyze a programming language with traditional static analysis tools.

When a developer writes a program, that developer might use static analysis to parse a program for common mistakes–memory leaks, potential null pointers, and security holes. The concept of static analysis can be extended to infrastructure as code, allowing for the discovery of higher level problems such as insecure policies across cloud resources.

Guy Eisenkot is an engineer with Bridgecrew, a company that makes static analysis tools for security and compliance. Guy joins the show to talk about cloud security and how static analysis can be used to improve the quality of infrastructure deployments.

Sponsorship inquiries: sponsor@softwareengineeringdaily.com

The post Static Analysis for Infrastructure with Guy Eisenkot appeared first on Software Engineering Daily.

  continue reading

73 episódios

Artwork
iconCompartilhar
 

Série arquivada ("Feed inativo " status)

When? This feed was archived on July 28, 2022 13:09 (1+ y ago). Last successful fetch was on April 07, 2022 07:18 (2y ago)

Why? Feed inativo status. Nossos servidores foram incapazes de recuperar um feed de podcast válido por um período razoável.

What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.

Manage episode 261585688 series 1438211
Conteúdo fornecido por Security – Software Engineering Daily. Todo o conteúdo do podcast, incluindo episódios, gráficos e descrições de podcast, é carregado e fornecido diretamente por Security – Software Engineering Daily ou por seu parceiro de plataforma de podcast. Se você acredita que alguém está usando seu trabalho protegido por direitos autorais sem sua permissão, siga o processo descrito aqui https://pt.player.fm/legal.

Infrastructure-as-code tools are used to define the architecture of software systems. Common infrastructure-as-code tools include Terraform and AWS CloudFormation. When infrastructure is defined as code, we can use static analysis tools to analyze that code for configuration mistakes, just as we could analyze a programming language with traditional static analysis tools.

When a developer writes a program, that developer might use static analysis to parse a program for common mistakes–memory leaks, potential null pointers, and security holes. The concept of static analysis can be extended to infrastructure as code, allowing for the discovery of higher level problems such as insecure policies across cloud resources.

Guy Eisenkot is an engineer with Bridgecrew, a company that makes static analysis tools for security and compliance. Guy joins the show to talk about cloud security and how static analysis can be used to improve the quality of infrastructure deployments.

Sponsorship inquiries: sponsor@softwareengineeringdaily.com

The post Static Analysis for Infrastructure with Guy Eisenkot appeared first on Software Engineering Daily.

  continue reading

73 episódios

Все серии

×
 
Loading …

Bem vindo ao Player FM!

O Player FM procura na web por podcasts de alta qualidade para você curtir agora mesmo. É o melhor app de podcast e funciona no Android, iPhone e web. Inscreva-se para sincronizar as assinaturas entre os dispositivos.

 

Guia rápido de referências