PlatformEngineering.org

Vulnerability Management for Platform Engineers

Learn how to manage vulnerabilities across modern platforms. This introductory course covers secure-by-design principles, automated detection and remediation, and how to embed security into IDP workflows to keep teams fast and safe.

About this course

DURATION 2 hours
PRICE Free
FORMAT On-demand
 
 

What you'll learn

During this course, you'll learn:

  • How the modern vulnerability landscape works and why securing the SDLC is now a core platform engineering responsibility
  • How to use automation and security fundamentals to shift vulnerability management down into the platform and remove developer toil
  • How secure-by-design and security platform engineering work in practice, including policy-as-code, hardened images, continuous remediation, and zero-touch security workflows
  • How to measure and demonstrate the impact of security platform engineering through reduced CVE backlog, faster remediation, and improved developer experience

$1.9m burned per year at orgs on inefficient vulnerability management

 
 

Curriculum

4 MODULES

MODULE 1: Vulnerability fundamentals for platform engineers
  • What are Common Vulnerabilities and Exposures (CVEs) and why do they matter for platform engineers
  • What is Security Platform Engineering?
  • Historical high-profile vulnerabilities and their impact.
  • Today’s landscape: open-source, container images, and the scale of exposure.

MODULE 2: The hidden costs and strategic value
  • Operational burdens: toil, triaging, patching, compliance overhead
  • Balancing developer productivity with comprehensive security
  • The costs of customer escalations and reputational risk
  • CVE management as a driver of business value and innovation

MODULE 3: The vulnerability landscape
  • Categories of vulnerability management tools: SAST, DAST, SCA, image scanning
  • Open-source options: Trivy, Grype, Clair, Syft
  • Integration into CI/CD pipelines, registries, and IDPs
  • SBOMs, supply chain security, and emerging trends in automation

MODULE 4: Making your platform Secure-by-design
  • Organisational and cultural shifts needed for sustainable practices
  • Automation with policy-as-code and CI/CD security gates
  • Culture and tooling for Secure-by-Default
  • Proactive security culture as a competitive advantage
 

Meet your Instructor

Mandy Hubbard

Course instructor and Sr. Technical PMM @ Chainguard

  • QA nerd turned developer advocate (learned early how systems break and how to fix them)
  • Fluent in platform, security, and developer experience with a knack for making hard things clear
  • Security and platform engineering course instructor, technical storyteller

Curriculum

  • Welcome to the course
  • Module 1: Vulnerability fundamentals for platform engineers
  • Vulnerability fundamentals for platform engineers
  • What are Common Vulnerabilities and Exposures (CVEs) and why do they matter for platform engineers
  • What is Security Platform Engineering?
  • Historical high-profile vulnerabilities and their impact.
  • Today’s landscape: open-source, container images, and the scale of exposure
  • Module 2: The hidden costs and strategic value
  • The hidden costs and strategic value
  • Operational burdens: toil, triaging, patching, compliance overhead
  • Balancing developer productivity with comprehensive security
  • The costs of customer escalations and reputational risk
  • CVE management as a driver of business value and innovation
  • Module 3: The vulnerability landscape
  • The vulnerability landscape
  • Categories of vulnerability management tools: SAST, DAST, SCA, image scanning
  • Open-source options: Trivy, Grype, Clair, Syft
  • Integration into CI/CD pipelines, registries, and IDPs
  • SBOMs, supply chain security, and emerging trends in automation
  • Module 4: Making your platform Secure-by-design
  • Making your platform Secure-by-design
  • Organisational and cultural shifts needed for sustainable practices
  • Automation with policy-as-code and CI/CD security gates
  • Culture and tooling for Secure-by-Default
  • Proactive security culture as a competitive advantage
  • Course feedback survey
  • Wrap-up
  • It's a wrap - Key takeaways
