YoVDO

Overcoming CVE Shock - Adding Perspective in Vulnerability Scanning

Offered By: Devoxx via YouTube

Tags

Devoxx Courses, Penetration Testing Courses, CI/CD Pipelines Courses, Kubernetes Security Courses, Vulnerability Scanning Courses, Open Policy Agent Courses, Falco Courses

Course Description

Overview

Explore vulnerability scanning in Kubernetes clusters and learn effective security measures in this comprehensive conference talk. Discover how to audit technical configurations, identify vulnerabilities, and apply patches to critical components. Delve into exploiting Kubernetes primitives for implementing robust security mechanisms, including RBAC, AdmissionController, NetworkPolicy, and SecurityContext. Enhance cluster security with Open Policy Agent for finer control and integrate Falco for detecting suspicious actions within containers and at the API Server level. Learn to implement a CI/CD pipeline with Clair for vulnerability analysis during image builds. Gain insights into penetration testing, package discovery challenges, vulnerability databases, and automating decision processes. Understand the complexities of container results, issues with specific components like libcurl and Busybox, and explore solutions such as VEX (Vulnerability Exploitability eXchange) for more accurate vulnerability assessments.

Syllabus

Intro
Survey
Why Vulnerability Scanning
Penetration Testing vs Vulnerability Scanning
What is Vulnerability Scanning
Basic Package Discovery
Problem with Basic Package Discovery
Components which don't have metadata
Debian Vulnerability Database
Google Vulnerability Database
Summary
The problem is deep
What's happening inside Docker
The problem with container results
The problem with libcurl
The problem with Busybox
Automating the decision process
Small research
Scripting magic
Vulnerability list
Automation
What it means
VEX
What is VEX
VEX in action
From VEX perspective
Questions


Taught by

Devoxx

Related Courses

Hands-on Introduction to GitGat for SCM Security
Rawkode Academy via YouTube
Introduction to Open Policy Agent - Rego Language and Kubernetes Policies
Rawkode Academy via YouTube
How to Secure a Kubernetes Cluster from Scratch
Devoxx via YouTube
Tools to Help You Secure Your Kubernetes Cluster
Devoxx via YouTube
Securing Your Infrastructure as Code Pipeline
Linux Foundation via YouTube