In this workshop, you’ll learn how to leverage Trend Micro Cloud One - Open Source Security by Snyk with your code repositories and CI/CD pipelines to scan projects. This empowers security teams with better visibility, tracking, and early awareness into open source issues for more relevant insights and risk management.
The workshop is divided into the sections listed below. Plan for around 2 hours to complete the full workshop.
1. Introduction (10 minutes)
2. Identify integration points, and connect to a GitHub sample repo to test for open source risks (30 minutes)
3. Understand how to evaluate and monitor key findings and use the in-solution knowledge base (30 minutes)
4. Gain an understanding of direct and indirect dependency mapping (30 minutes)
5. Report and manage key findings for open source issues (15 minutes)
8. Conclusion (5 minutes)
9. Cleanup (5 minutes)
10. Survey (5 minutes)
For any additional help please reach out to:
Built with by Trend Micro
Before we dive in, let’s go through a refresher on the core concepts explored in this workshop.