Understanding AppSec Part 2: Getting Your Code to the Cloud – IAC, Container Security, CSPM

Mark and Rohan continue our 𝘜𝘯𝘥𝘦𝘳𝘴𝘵𝘢𝘯𝘥𝘪𝘯𝘨 𝘈𝘱𝘱𝘚𝘦𝘤 mini-series. This episode we explore the tools and strategies needed for deploying and securing code in cloud environments, focusing on container and cloud security and Infrastructure as Code (IaC). Mark and Rohan discuss the importance of scanning base images for vulnerabilities, ensuring IaC templates are secure, and how Cloud Security Posture Management (CSPM) helps catch misconfigurations. The episode emphasizes the value of correlating data across different scan types to identify root causes and streamline remediation, highlighting the evolving nature and demands of security in cloud deployments.