{"id":8788,"date":"2023-03-15T07:01:00","date_gmt":"2023-03-15T05:01:00","guid":{"rendered":"https:\/\/www.almtoolbox.com\/blog_he\/?p=8788"},"modified":"2023-03-17T16:44:32","modified_gmt":"2023-03-17T14:44:32","slug":"code-security","status":"publish","type":"post","link":"https:\/\/www.almtoolbox.com\/blog_he\/code-security\/","title":{"rendered":"\u05e4\u05d9\u05ea\u05d5\u05d7 \u05e7\u05d5\u05d3 \u05de\u05d0\u05d5\u05d1\u05d8\u05d7 2023"},"content":{"rendered":"\n

\u05d4\u05d4\u05d9\u05e6\u05e2 \u05e9\u05dc\u05e0\u05d5 \u05dc\u05e4\u05d9\u05ea\u05d5\u05d7 \u05e7\u05d5\u05d3 \u05de\u05d0\u05d5\u05d1\u05d8\u05d7<\/h3>\n\n\n\n

\u05e0\u05d5\u05e1\u05e3 \u05dc\u05db\u05dc\u05d9 \u05e4\u05d9\u05ea\u05d5\u05d7 \u05d5\u05e4\u05ea\u05e8\u05d5\u05e0\u05d5\u05ea DevOps, \u05d0\u05e0\u05d5 \u05de\u05e6\u05d9\u05e2\u05d9\u05dd \u05de\u05d2\u05d5\u05d5\u05df \u05e4\u05ea\u05e8\u05d5\u05e0\u05d5\u05ea \u05dc\u05e4\u05d9\u05ea\u05d5\u05d7 \u05de\u05d0\u05d5\u05d1\u05d8\u05d7, \u05db\u05d5\u05dc\u05dc \u05e4\u05ea\u05e8\u05d5\u05df \u05de\u05e7\u05e6\u05d4 \u05dc\u05e7\u05e6\u05d4 \u05d4\u05db\u05d5\u05dc\u05dc \u05d0\u05e4\u05d9\u05d5\u05df, \u05ea\u05db\u05e0\u05d5\u05df, \u05e2\u05d6\u05e8\u05d4 \u05d1\u05d1\u05d7\u05d9\u05e8\u05ea \u05db\u05dc\u05d9\u05dd \u05de\u05ea\u05d0\u05d9\u05de\u05d9\u05dd, \u05d4\u05d8\u05de\u05e2\u05d4, \u05d0\u05d9\u05e0\u05d8\u05d2\u05e8\u05e6\u05d9\u05d4 \u05dc\u05db\u05dc\u05d9\u05dd \u05d5\u05dc\u05ea\u05d4\u05dc\u05d9\u05db\u05d9 \u05e4\u05d9\u05ea\u05d5\u05d7, \u05ea\u05de\u05d9\u05db\u05d4 \/ \u05e9\u05d9\u05e8\u05d5\u05ea \u05de\u05e0\u05d5\u05d4\u05dc \u05d5\u05de\u05db\u05d9\u05e8\u05ea \u05e8\u05e9\u05d9\u05d5\u05e0\u05d5\u05ea.
\u05dc\u05e4\u05e8\u05d8\u05d9\u05dd \u05e0\u05d5\u05e1\u05e4\u05d9\u05dd \u05e4\u05e0\u05d5 \u05d0\u05dc\u05d9\u05e0\u05d5: devsecops@almtoolbox.com<\/a> \u05d0\u05d5 \u05d8\u05dc\u05e4\u05d5\u05e0\u05d9\u05ea: 072-240-5222<\/em><\/strong><\/p>\n\n\n\n

\u05e8\u05e9\u05d9\u05de\u05ea \u05db\u05dc\u05d9\u05dd \u05e9\u05d0\u05e0\u05d5 \u05ea\u05d5\u05de\u05db\u05d9\u05dd \u05d5\u05de\u05e9\u05d5\u05d5\u05e7\u05d9\u05dd:<\/h3>\n\n\n\n
\n
    \n
  1. SonarQube (\u05e1\u05e8\u05d9\u05e7\u05ea \u05e7\u05d5\u05d3 \u05e1\u05d8\u05d8\u05d9, SAST, \u05e2\u05d6\u05e8\u05d4 \u05d1\u05db\u05ea\u05d9\u05d1\u05ea \u05e7\u05d5\u05d3 \u05e0\u05e7\u05d9 \u05d5\u05de\u05d0\u05d5\u05d1\u05d8\u05d7 \u05d1- 29 \u05e9\u05e4\u05d5\u05ea \u05e7\u05d5\u05d3). \u05d0\u05e0\u05d5 \u05de\u05e6\u05d9\u05e2\u05d9\u05dd \u05d2\u05dd \u05ea\u05de\u05d9\u05db\u05d4 \u05d5\u05e9\u05d9\u05e8\u05d5\u05ea \u05de\u05e0\u05d5\u05d4\u05dc.<\/li>\n\n\n\n
  2. GitLab + GitLab CI (\u05d0\u05d5\u05e1\u05e3 \u05db\u05dc\u05d9\u05dd \u05dc\u05e7\u05d5\u05d3 \u05de\u05d0\u05d5\u05d1\u05d8\u05d7 \u05db\u05d7\u05dc\u05e7 \u05de\u05ea\u05d4\u05dc\u05d9\u05da \u05d4\u05e4\u05d9\u05ea\u05d5\u05d7: SAST, DAST, Secret detection)<\/li>\n\n\n\n
  3. HashiCorp Vault (\u05e0\u05d9\u05d4\u05d5\u05dc \u05e1\u05d5\u05d3\u05d5\u05ea \/ secrets management)<\/li>\n\n\n\n
  4. AppScan (\u05e4\u05ea\u05e8\u05d5\u05df DAST \u05dc\u05d0\u05d1\u05d8\u05d7\u05ea \u05d0\u05e4\u05dc\u05d9\u05e7\u05e6\u05d9\u05d5\u05ea \u05db\u05d5\u05dc\u05dc API Security)<\/li>\n\n\n\n
  5. HashiCorp Consul (\u05e4\u05ea\u05e8\u05d5\u05df Service Discovery \u05d5- Service Mesh)<\/li>\n\n\n\n
  6. HashiCorp Boundary (\u05e4\u05ea\u05e8\u05d5\u05df Secure Remote Access)<\/li>\n\n\n\n
  7. Vault Plus (\u05e4\u05ea\u05e8\u05d5\u05df \u05dc\u05e0\u05d9\u05d4\u05d5\u05dc secrets \u05de\u05d1\u05d5\u05e1\u05e1 Vault open source)<\/li>\n\n\n\n
  8. Sysdig (\u05e0\u05d9\u05d8\u05d5\u05e8 \u05d5\u05d0\u05d1\u05d8\u05d7\u05d4 \u05e9\u05dc \u05e7\u05d5\u05e0\u05d8\u05d9\u05d9\u05e0\u05e8\u05d9\u05dd \u05d5- Kubernetes ; \u05d0\u05e4\u05e9\u05e8\u05d5\u05ea \u05dc- Prometheus \u05de\u05e0\u05d5\u05d4\u05dc)<\/li>\n\n\n\n
  9. SourceGraph (\u05e4\u05ea\u05e8\u05d5\u05df \u05e9\u05e0\u05d5\u05ea\u05df \u05d4\u05ea\u05e8\u05d0\u05d5\u05ea \u05e2\u05dc \u05d7\u05d5\u05dc\u05e9\u05d5\u05ea \u05d1\u05e7\u05d5\u05d3, \u05d5\u05de\u05d0\u05e4\u05e9\u05e8 \u05ea\u05d9\u05e7\u05d5\u05df \u05d0\u05d5\u05d8\u05d5\u05de\u05d8\u05d9 \u05d1\u05db\u05dc \u05d4\u05e7\u05d5\u05d3)<\/li>\n\n\n\n
  10. SonarCloud (\u05e4\u05ea\u05e8\u05d5\u05df SaaS \u05dc\u05e1\u05e8\u05d9\u05e7\u05ea \u05e7\u05d5\u05d3 \u05e1\u05d8\u05d8\u05d9)<\/li>\n\n\n\n
  11. SonarLint (\u05ea\u05d5\u05e1\u05e3 \u05d7\u05d9\u05e0\u05de\u05d9 \u05dc- IDEs)<\/li>\n\n\n\n
  12. Secrets Management solutions (on-prem \/ SaaS \/ Hybrid)<\/li>\n\n\n\n
  13. HashiCorp Boundary – Secure Remote Access – \u05d2\u05d9\u05e9\u05d4 \u05de\u05d0\u05d5\u05d1\u05d8\u05d7\u05ea \u05de\u05e8\u05d7\u05d5\u05e7 (\u05ea\u05d7\u05dc\u05d9\u05e3 \u05de\u05d5\u05d3\u05e8\u05e0\u05d9 \u05dc- VPN)<\/li>\n\n\n\n
  14. LastPass – Password Management – \u05e0\u05d9\u05d4\u05d5\u05dc \u05e1\u05d9\u05e1\u05de\u05d0\u05d5\u05ea<\/li>\n\n\n\n
  15. Solo (\u05e4\u05ea\u05e8\u05d5\u05df Service Mesh \u05d5\u05ea\u05de\u05d9\u05db\u05d4 \u05dc- Istio)<\/li>\n\n\n\n
  16. Venafi (\u05e0\u05d9\u05d4\u05d5\u05dc \u05ea\u05e2\u05d5\u05d3\u05d5\u05ea \/ certificate management)<\/li>\n\n\n\n
  17. Mattermost (\u05e6'\u05d0\u05d8 \u05de\u05d0\u05d5\u05d1\u05d8\u05d7 \u05dc\u05e1\u05d1\u05d9\u05d1\u05d5\u05ea \u05e4\u05d9\u05ea\u05d5\u05d7 \/ \u05d0\u05dc\u05d8\u05e8\u05e0\u05d8\u05d9\u05d1\u05d9 \u05dc- Slack \u05d5- WhatsApp)<\/li>\n\n\n\n
  18. GitHub Advance Security (\u05d0\u05d5\u05e1\u05e3 \u05db\u05dc\u05d9\u05dd \u05dc\u05e4\u05d9\u05ea\u05d5\u05d7 \u05de\u05d0\u05d5\u05d1\u05d8\u05d7 \u05de\u05e2\u05dc GitHub)<\/li>\n\n\n\n
  19. Fossa (\u05e4\u05ea\u05e8\u05d5\u05df \u05dc- Vulnerability management \u05d5- License Compliance \u05dc\u05e1\u05e4\u05e8\u05d9\u05d5\u05ea \u05e7\u05d5\u05d3 \u05e4\u05ea\u05d5\u05d7)<\/li>\n\n\n\n
  20. Atlassian Access (\u05e4\u05ea\u05e8\u05d5\u05df \u05d2\u05d9\u05e9\u05d4 \u05de\u05d0\u05d5\u05d1\u05d8\u05d7\u05ea \u05d5- SSO \u05dc- Jira, Confluence, Bitbucket \u05d5- Altassian add-ons)<\/li>\n\n\n\n
  21. Azul (\u05e2\u05d3\u05db\u05d5\u05e0\u05d9 \u05d0\u05d1\u05d8\u05d7\u05d4 \u05dc- Java \u05d5\u05ea\u05de\u05d9\u05db\u05d4 \u05d1- Java)<\/li>\n\n\n\n
  22. Terraform (\u05db\u05d5\u05dc\u05dc Drift Detection)<\/li>\n<\/ol>\n<\/div><\/div>\n\n\n\n
    \u05e4\u05d5\u05e8\u05e1\u05dd \u05dc\u05e8\u05d0\u05e9\u05d5\u05e0\u05d4: \u05de\u05d0\u05d9 2021. \u05e2\u05d3\u05db\u05d5\u05df \u05d0\u05d7\u05e8\u05d5\u05df: \u05de\u05e8\u05e5 2023<\/em><\/h5>\n","protected":false},"excerpt":{"rendered":"

    \u05d4\u05d9\u05e6\u05e2 \u05e4\u05ea\u05e8\u05d5\u05e0\u05d5\u05ea \u05dc\u05e4\u05d9\u05ea\u05d5\u05d7 \u05e7\u05d5\u05d3 \u05de\u05d0\u05d5\u05d1\u05d8\u05d7 – \u05e2\u05d3\u05db\u05e0\u05d9 \u05dc 2023<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[733,406],"tags":[731,732],"class_list":["post-8788","post","type-post","status-publish","format-standard","hentry","category-app-sec","category-406","tag-731","tag-732"],"_links":{"self":[{"href":"https:\/\/www.almtoolbox.com\/blog_he\/wp-json\/wp\/v2\/posts\/8788","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.almtoolbox.com\/blog_he\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.almtoolbox.com\/blog_he\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.almtoolbox.com\/blog_he\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.almtoolbox.com\/blog_he\/wp-json\/wp\/v2\/comments?post=8788"}],"version-history":[{"count":12,"href":"https:\/\/www.almtoolbox.com\/blog_he\/wp-json\/wp\/v2\/posts\/8788\/revisions"}],"predecessor-version":[{"id":8878,"href":"https:\/\/www.almtoolbox.com\/blog_he\/wp-json\/wp\/v2\/posts\/8788\/revisions\/8878"}],"wp:attachment":[{"href":"https:\/\/www.almtoolbox.com\/blog_he\/wp-json\/wp\/v2\/media?parent=8788"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.almtoolbox.com\/blog_he\/wp-json\/wp\/v2\/categories?post=8788"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.almtoolbox.com\/blog_he\/wp-json\/wp\/v2\/tags?post=8788"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}