My Container Image has 500 Vulnerabilities, Now What? - Matt Jarvis, Snyk

less than 1 minute read

Abstract

As security becomes a bigger concern in the world of containers and Kubernetes, using vulnerability scanning tooling in our workflows is becoming increasingly common. But many container images can show tens if not hundreds of vulnerabilities, particularly if they are built using upstream base images from public repositories. If your container has a huge amount of vulnerabilities, what do you do ? Many of us will reach information overload when faced with such a list, and struggle to work out what actions we should take. In this talk, we’ll look at how container images are constructed, understand how potential vulnerabilities can get into our images, and explore how we can prioritize and remediate the vulnerabilities we find. Take control of your vulnerabilities !

Sched URL

Video

Twitter Facebook LinkedIn

About

Conferences

My Container Image has 500 Vulnerabilities, Now What? - Matt Jarvis, Snyk

Abstract

Video

You May Also Enjoy

You Shall Not Pass! Unless You Are GUAC Verified…. - Parth Patel, Kusari & Dejan Bosanac, Red Hat

Living off the Land Techniques in Managed Kubernetes Clusters - Ronen Shustin & Shay Berkovich, Wiz

Leveraging OCI 1.1 for Enhanced SBOM Integration and Vulnerability Scanning in Harbor - Anais Urlichs, Aqua Security & Shengwen Yu, VMware

Lessons Learned from Generating 100M SBOMs: Google’s Approach to SBOM Compliance - Brandon Lum & Isaac Hepworth, Google