pvnovarese

2024-04-legacy-of-log4shell

Slides etc for "The Legacy of Log4Shell"

2022-devopsdays

Slides and DIY Demos for "Learn from Log4Shell" from DevOpsDays

2023-11-legacy-of-log4shell

Slides etc for "The Legacy of Log4Shell"

2023-12-demo

anchorectl-pipeline

Example CICD Integrations for Anchore Enterprise

clock

docker image to count/beacon

2022-devopsworld

DevOps World 2022 Workshop: Using SBOMs to Secure Your Software Supply Chain

2023-03-demo

Simple demo for Anchore Enterprise, including common CICD workflow examples.

anchore-tools

anchorectl, syft, grype and other useful doodads in a single image

2022-06-enterprise-demo

Simple demo for Anchore Enterprise, including both Jenkins and GitHub workflow examples.

2022-07-slim-demo

smaller demo, fewer bells and whistles but builds/scans quickly

2022-08-enterprise-demo

Simple demo for Anchore Enterprise, including both Jenkins and GitHub workflow examples.

2022-09-enterprise-demo

Simple demo for Anchore Enterprise, including with multiple CICD workflow examples.

2023-01-enterprise-demo

2023-01-slim-demo

2023-02-demo

2023-09-lessons-of-log4shell

Slides etc for "The Lessons of Log4Shell"

2023-09-sbom-workshop

2023-11-demo

anchore-demo

anchore-eval

anchorectl-test

beta-anchorectl-pipeline

hints_test

juice-shop

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

pipelines-java

Sample Java application referred to by Azure Pipelines documentation

sample-nodejs-project

a walking skeleton for node.js projects

talks

Collection of slides, links etc from conference talks

test1

dumb

WebGoat

WebGoat is a deliberately insecure application