Trivy for Kubernetes & DevSecOps
Build Secure Container Pipelines with SBOM, Supply Chain Scanning & CI/CD Automation Using GitHub Actions, Jenkins, ArgoCD, Terraform & Helm
Modern software delivery is fast.
Attack surfaces are faster.
Container images, Helm charts, Terraform modules, CI pipelines, and GitOps promotions form a complex supply chain - and every stage is a potential entry point for risk.
This book does not teach isolated Trivy commands.
It teaches you how to design and operate a production-grade DevSecOps control system.
You will build a complete, real-world security architecture:
Repository
→ Container Build (Immutable Digest)
→ Vulnerability Scan
→ SBOM Generation (CycloneDX & SPDX)
→ Helm Render Validation
→ Misconfiguration & Secret Detection
→ Policy-Based Gating
→ GitOps Promotion with ArgoCD
→ Audit-Ready Evidence Pack
→ Continuous Validation & Security Debt Reduction
Every chapter connects to this system spine.
Nothing is fragmented. Nothing is theoretical.
Most DevSecOps guides:
This book goes further.
You will implement:
This is not "scan and hope."
It is structured enforcement.
This book is written for:
It assumes you want depth - not surface-level summaries.
There are no "What is Kubernetes?" chapters.
There are no toy examples.
Every workflow is production-aligned.
You will work with current, real-world tooling:
The final capstone builds a complete, audit-ready DevSecOps platform from scratch.
What You Will Walk Away With
After completing this book, you will have:
Security is not a scanner.
It is a workflow.
It is a promotion discipline.
It is a contract between build, release, and runtime.
This book gives you the architecture to enforce that contract.
If you build Kubernetes platforms, operate CI/CD systems, or are responsible for container supply chain integrity, this manual will become your operational reference.