The State of Vulnerability in Cloud Native Security- Magno Logan, Trend Micro

less than 1 minute read

Abstract

This talk aims to present the research results analyzing all the vulnerabilities reported from previous cloud native tools security audits and publicly known vulnerabilities reported by third-party directly to the project maintainers. We’ve bundled and analyzed all these vulnerabilities from different projects such as Kubernetes, Helm, etcd, gRPC, CodeDNS, and many others until July 2021. The goal was to understand the most common issues and most critical risks found in those tools. Furthermore, we wanted to know why they happen, try to prevent them from happening in the future, and at the same time raise awareness for users and organizations using those projects about the risks associated with using these tools in their environment. A PDF report with all the data and findings will be released to the audience with this presentation.

Sched URL

Video