Scenario

Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. SPDX-License-Identifier: CC-BY-SA-4.0

Your company has just kicked off a new DevSecOps initiative in an effort to improve the security and reliability of critical applications by embedding security in every part of the software development lifecycle. You are part of a DevOps team tasked with integrating security testing into a rudimentary pipeline for building and releasing container images. Your initial tasks include adding Dockerfile linting, secrets scanning, and vulnerability scanning and deliver the updated container with the least downtime.