The Runtime Rodeo - Taming Open Source Image Behavior

Explore a groundbreaking approach to cloud native security in this 33-minute conference talk by Jimmy Mesta from RAD Security. Delve into a proposed standard for creating behavioral fingerprints of open source image runtime behavior. Examine how this innovative method could revolutionize software supply chain verification, potentially preventing attacks like the infamous SolarWinds incident. Learn about the decision-making process behind the new standard, including what should be included or excluded from the fingerprint, using popular open source images like nginx and apache as examples. Gain insights into how this approach complements existing security measures such as SBOMs, SCA, and image signing, offering a more comprehensive solution for runtime security in cloud native environments.

The Runtime Rodeo; Where Open Source Image Behavior Is Tamed - Jimmy Mesta, RAD Security