Scratch Containers and the Supply Chain Trouble

Explore the concept of scratch containers and their impact on supply chain security in this 49-minute OWASP Foundation talk by Naveen S, Senior Security Engineer at Freshworks. Delve into the structure of containerized applications, examining the layers that typically include the OS, system libraries, and application dependencies. Learn about the benefits of using scratch containers to reduce image size and attack surface by running statically built binaries without an OS layer. Analyze the potential security implications of this approach, including the challenges in generating a comprehensive Bill of Materials (BOM) and performing effective Software Composition Analysis (SCA). Consider the trade-offs between reducing vulnerabilities and maintaining visibility into component dependencies. Gain insights into the advantages, common security caveats, and potential pitfalls associated with scratch containers, and evaluate their effectiveness in addressing supply chain concerns in the context of OWASP's top 10 web application security risks.

Scratch containers and the supply chain trouble - Naveen S