The Runtime Rodeo - Taming Open Source Image Behavior
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore a groundbreaking approach to cloud native security in this 33-minute conference talk by Jimmy Mesta from RAD Security. Delve into a proposed standard for creating behavioral fingerprints of open source image runtime behavior. Examine how this innovative method could revolutionize software supply chain verification, potentially preventing attacks like the infamous SolarWinds incident. Learn about the decision-making process behind the new standard, including what should be included or excluded from the fingerprint, using popular open source images like nginx and apache as examples. Gain insights into how this approach complements existing security measures such as SBOMs, SCA, and image signing, offering a more comprehensive solution for runtime security in cloud native environments.
Syllabus
The Runtime Rodeo; Where Open Source Image Behavior Is Tamed - Jimmy Mesta, RAD Security
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
Inspecting Open Source Software Packages for Security and License Compliance (Pluralsight)
DevSecOps Fundamentals (Cybrary)
Effective Vulnerability Discovery with Machine Learning (Black Hat via YouTube)
The Devils in the Dependency - Data Driven Software Composition Analysis (Black Hat via YouTube)
Protect Yourself Against Supply Chain Attacks (NDC Conferences via YouTube)