How This Innocent Image Had a Party in My Cluster
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore the evolution of sophisticated container image attacks and learn effective defense strategies in this 34-minute conference talk by Amir Jerbi and Itay Shakury from Aqua Security. Discover how malicious actors employ advanced techniques to evade static analysis and signature-based detection. Gain insights into dynamic analysis methods for tracing container activity and uncovering multi-stage attacks. Examine real-world examples of evasion malware, including downloading executables, packing, fileless files, and supply chain attacks. Learn practical advice for developers and cluster administrators on detecting similar techniques and implementing security controls to mitigate risks. Understand the importance of runtime security and dynamic threat analysis in protecting your container environments.
Syllabus
Introduction
What is Container Image Scanning
Evasion Malware
Runtime Security
Demo Agenda
Downloading an executable
Packing
Fileless Files
Supply Chain Attacks
Dynamic Threat Analysis
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
Maintaining Deployment Security in Microsoft AzurePluralsight Microsoft Azure Security Engineer: Configure Advanced Security for Compute
Pluralsight Microsoft Azure Security Technologies (AZ-500) Cert Prep: 2 Implement Platform Protection
LinkedIn Learning Securing Containers and Kubernetes Ecosystem
LinkedIn Learning Performing DevSecOps Automated Security Testing
Pluralsight