Day in the Life of a Base Image - The Evolution of Vulnerabilities in Popular Containers

Explore the evolution of vulnerabilities in popular container base images in this insightful conference talk. Delve into the complexities of container scanning and security, examining how the security posture of containers changes over time. Gain a deeper understanding of why handling vulnerabilities in containers is a challenging problem, considering factors such as patching known vulnerabilities, addressing newly discovered threats, and managing those classified as "won't fix." Analyze data visualizations showcasing the attack surface changes of widely-used public container images like Python and NodeJS over the past year. Compare results from popular vulnerability scanners and observe their sometimes extreme discrepancies. Conclude with practical strategies for developers to effectively manage vulnerabilities and maintain a smooth development process in the face of evolving security challenges.

Day in the Life of a Base Image: The Evolution of Vulnerabilities in the Most Popular C... Ayse Kaya