YoVDO

Keeping Up with CVEs: Finding Needles in Haystacks - Practical Vulnerability Assessment

Offered By: CNCF [Cloud Native Computing Foundation] via YouTube

Tags

Vulnerability Management Courses Kubernetes Courses Container Security Courses Security Automation Courses Release Engineering Courses Cloud-Native Security Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the challenges and solutions in vulnerability management for container images in this conference talk. Learn how vulnerability scanners work, their limitations, and practical approaches to assess product security beyond raw vulnerability numbers. Discover strategies for implementing effective vulnerability management using Kubernetes images as an example. Gain insights into reducing false positives, focusing on code execution paths, and creating automated processes for vulnerability detection. Understand the complexities of container images and how to balance security concerns with practical solutions that allow engineers to work efficiently.

Syllabus

Introduction
Welcome
Why is the graph looking like this
Example
Vulnerability Scanner
Vulnerability Analysis
Image Scanners
Vulnerability Impact
Kubernetes
Release Engineering
Kubernetes Enhancement Proposal
Distroless
Base
Bash Static
QProxy
Not a perfect solution
Container images are complex
Imperfect solutions have benefits
Reduce churn
Vulnerability detection
How Kubernetes maintainers feel
Focus on code execution path
Give engineers breathing space
Create a list of images
Automated jobs
Questions


Taught by

CNCF [Cloud Native Computing Foundation]

Related Courses

Building on Microsoft Sentinel Platform
Microsoft via YouTube
Securing Applications and Infrastructure on Kubernetes with Sysdig
Mirantis via YouTube
Container Escape in 2021
Hack In The Box Security Conference via YouTube
Running at Light Speed - Cloud Native Security Patterns
LASCON via YouTube
Controlled Mayhem With Cloud Native Security Pipelines
OWASP Foundation via YouTube