Securing Container Workloads
Don’t miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects - Learn more at https://kubecon.io
Securing Container Workloads - Vineeth Pothulapati, Aqua Security
Security in the world of containers has become complex as we use different base images. We cannot be aware of what our containers are made up of and cope up with dependencies and transitive dependencies and their updates. On average at least 30 vulnerabilities exist in the top 10 docker images. Do you know if you’re using any of these? If your application containers are based on vulnerable images, your deployment could be open to attack. In this talk, you’ll learn about practical actions to address vulnerabilities in your container images. I will be demonstrating securing the images in a Harbor registry by integrating the open-source Trivy image scanning tool. Trivy is very easy to use and can also be integrated with the existing CI/CD pipelines. After this session, attendees will take away the best practices in securing their container workloads.