Get started with security vulnerability scanning and integrating that with Github, Github Actions and automated security checks in pull requests.
Learn how to scan reported vulnerabilities in projects and Docker containers, so that you can publish images to Docker hub or merge pull requests while knowing that changes in dependencies are secure.
Topics include:
* Install and run locally a security vulnerability scanner
* Catalog a project with an SBOM (Software Bill Of Materials) so that the scanner can do vulnerability matching.
* Setup a Github Action to automatically scan vulnerabilities in a project and optionally fail a build to prevent a merge.
* Scan a Docker container image that is built locally against the latest vulnerabilities, based on any CVE reported publicly