Container Image Scanning for Azure Pipelines with Sysdig

The blog post authored by Eduardo Mínguez outlines the process of using Sysdig's vulnerability scanning tool within Azure Pipelines to identify and rectify vulnerabilities in container images before deployment. The article provides a detailed guide on setting up a pipeline using Azure DevOps, which automates tasks like testing, building, and scanning container images when changes are made to a GitHub repository. It emphasizes the benefits of performing vulnerability scans locally using the sysdig-cli-scanner tool, allowing results to be sent to the Sysdig Secure backend while keeping the images within the user's infrastructure. The blog also highlights the importance of shifting security practices left in the CI/CD process, enhancing the confidence in deploying secure images in production environments. By demonstrating a practical example with a simple Golang application, the article illustrates how to configure Azure Pipelines to build, scan, and store container images, ultimately contributing to improved security and production delivery times.