Dynamic Image Scanning Through System Tracing
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore dynamic image scanning through system tracing in this 37-minute conference talk by Itay Shakury from Aqua Security. Learn how malicious actors use sophisticated techniques to evade static analysis and signature-based scanning tools, and discover how dynamic analysis can detect these threats by observing application activity. Delve into the relationship between dynamic scanning, static scanning, and runtime security. Examine common behavioral patterns of malware and learn how to uncover threats using open-source tools. Cover topics such as Trivy Scan, known vulnerabilities, misconfigurations, real-world evasive malware (DzMLT), software supply chain attacks, static image scanning, runtime security, eBPF (Extended Berkeley Packet Filter), and Tracee. Gain insights into advanced security practices for detecting sophisticated threats in cloud-native environments.
Syllabus
Intro
Trivy Scan
Known Vulnerabilities
Misconfigurations
Real world evasive malware (DzMLT)
Software supply chain attacks
Static Image Scanning
Runtime Security - Shift Left
Dynamic scan vs. Runtime security
eBPF - Extended Barkley Packet Filter
Tracee
Summary
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
The Evolution of the Software Supply Chain AttackPluralsight AI and Cybersecurity - The Twain Shall Meet
CAE in Cybersecurity Community via YouTube Whom Do You Trust - MSPs and Other Forgotten Risks for SMBs
RSA Conference via YouTube Code Dependency - Chinese APTs in Software Supply Chain Attacks
BSidesLV via YouTube A Critical Assessment of Supply Chain Intrusion Vectors
BruCON Security Conference via YouTube