The State of Vulnerability in Cloud Native Security- Magno Logan, Trend Micro

less than 1 minute read

Abstract

This talk aims to present the research results analyzing all the vulnerabilities reported from previous cloud native tools security audits and publicly known vulnerabilities reported by third-party directly to the project maintainers. We’ve bundled and analyzed all these vulnerabilities from different projects such as Kubernetes, Helm, etcd, gRPC, CodeDNS, and many others until July 2021. The goal was to understand the most common issues and most critical risks found in those tools. Furthermore, we wanted to know why they happen, try to prevent them from happening in the future, and at the same time raise awareness for users and organizations using those projects about the risks associated with using these tools in their environment. A PDF report with all the data and findings will be released to the audience with this presentation.

Sched URL

Video

Twitter Facebook LinkedIn

About

Conferences

The State of Vulnerability in Cloud Native Security- Magno Logan, Trend Micro

Abstract

Video

You May Also Enjoy

You Shall Not Pass! Unless You Are GUAC Verified…. - Parth Patel, Kusari & Dejan Bosanac, Red Hat

Living off the Land Techniques in Managed Kubernetes Clusters - Ronen Shustin & Shay Berkovich, Wiz

Leveraging OCI 1.1 for Enhanced SBOM Integration and Vulnerability Scanning in Harbor - Anais Urlichs, Aqua Security & Shengwen Yu, VMware

Lessons Learned from Generating 100M SBOMs: Google’s Approach to SBOM Compliance - Brandon Lum & Isaac Hepworth, Google