SupportAPI docsProduct updatesSign up for free
Search…
Snyk User Documentation
Introducing Snyk
Getting started
PRODUCTS
Snyk Open Source
Snyk Code
Snyk Container
Snyk Infrastructure as Code
FEATURES
Snyk CLI
Snyk API
Integrations
User and group management
Fixing and prioritizing issues
Reports
Other tools
TUTORIALS
Getting Started
Amazon Web Services
Atlassian
DevOps Pipeline with Bitbucket Cloud and Kubernetes
DevSecOps with Bitbucket Cloud
Prerequisites
Getting Started
Module 1
Module 2
Module 3
Module 4
Cleanup
Conclusion
Opsgenie
Snyk Security for Bitbucket Cloud
CircleCI
Docker
Dynatrace
GCP
GitHub
Microsoft Azure
Oracle Cloud Infrastructure
Red Hat
SpringOne
MORE INFO
Disclosing vulnerabilities
How Snyk handles your data
Powered By GitBook
DevSecOps with Bitbucket Cloud
Join Snyk and Atlassian for this hands-on virtual workshop where we will guide you on implementing security best-practices early on in your workflow to build an automated and secure Continuous Integration (CI) & Continuous Delivery (CD) pipeline.

Welcome!

You will begin this workshop as the newest member of a Mythical 500 company: Mythical Mysfits. It's your first day in the office and your predecessor(s) hastily (i.e. manually) deployed an "enterprise-ready" piece of software for group collaboration: goof. According to your colleagues, goof became wildly popular as "The BESTest todo app evar". You, however, are skeptical. Fortunately, your company also recently purchased Snyk and Atlassian Bitbucket Cloud!
In this workshop, you will learn patterns for shift-left security leveraging Atlassian Bitbucket, Bitbucket Pipelines, and Snyk. These techniques will enable you to implement scanning of your container-based workloads running on Amazon Elastic Kubernetes Service (Amazon EKS) and Amazon Elastic Container Registry (ECR) and how to use these patterns to release features and functionality at a faster pace that includes security at each step.

Learning Objectives

Intended Audience

  • Developers
  • Security/Application Teams
  • DevOps/DevSecOps Engineers
  • Cloud/Solutions Architects

Content Structure

We have structured the various subjects covered in this workshop into specific modules. Each module will provide context on the theory behind the techniques presented as well as hands-on examples.

Module 1 - Scanning & monitoring application source code

Enable the Snyk Open Source integration to Bitbucket and import your SCM project. Understand transitive dependencies and how Snyk can generate automatic pull requests to streamline your process.

Module 2 - Scanning & monitoring container images

Enable Snyk Container integration to Amazon Elastic Container Registry (ECR) and import your container images. Learn how Snyk provides base image ugprade recommendations.

Module 3 - Scanning & monitoring for insecure Kubernetes configurations

​Install the Snyk controller on Amazon Elastic Kubernetes Service (Amazon EKS) and add workloads for scanning. Understand test results, how to interpret Snyk's Priority Score, and how to fix configuration issues.

Module 4 - Fixing known issues & monitoring

In this module, you will go through guided exercises that demonstrate how to fix for vulnerabilities and insecure configurations. You will apply what you learned in the previous modules and apply fixes to your application, container image, and Kubernetes configuration to secure your application.
To make the most effective use of this content, you should be able to run basic Unix commands. You should also possess familiarity with AWS services, basic cloud concepts and general understanding of software development methodologies.
Previous
Conclusion
Next
Prerequisites
Last modified 1mo ago
Export as PDF
Copy link
Edit on GitHub
Contents
Welcome!
Learning Objectives
Intended Audience
Content Structure
Module 1 - Scanning & monitoring application source code
Module 2 - Scanning & monitoring container images
Module 3 - Scanning & monitoring for insecure Kubernetes configurations
Module 4 - Fixing known issues & monitoring