Containers offer many advantages, but they also pose security challenges that can be difficult to overcome. Perhaps the most noticeable is the larger attack surface containers create compared with traditional workloads: a large number of containers are built from many different underlying images, each of which can carry its own vulnerabilities.
Another key issue is the underlying kernel architecture shared by containers. Securing the host is not enough to ensure protection. You also need to maintain secure configurations to limit container permissions and ensure proper isolation between containers.
In the first half of the workshop, you will learn about eBPF (Extended Berkeley Packet Filter – kernel technology) and Cilium (eBPF-based Networking, Observability, and Security) and how they help with security observability.
Containers created from images inherit all of an image’s characteristics, including misconfigurations, malware, and security vulnerabilities. You need to analyse dependencies and packages defined in container images so that you can shift security left. This means you can act before threats are deployed to your production pipeline.
In the second half of the workshop, you will get a brief overview of the Cloud Native Security Whitepaper and of vulnerability scanning for Docker images using AWS ECR, Trivy, Grype and docker scan (Snyk).
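As an added illustration of the "shift left" idea above (and of the agenda item on prioritising remediation), the following Python snippet applies a simple pipeline gate to a scanner report. It is not code from the workshop or from any of the tools named; the report below is a constructed sample in the shape of Trivy's JSON output (`trivy image -f json`), with placeholder CVE ids and package names, and the policy mirrors what Trivy's own `--severity` and `--ignore-unfixed` options do.

```python
import json

# Constructed sample in the shape of a Trivy JSON report; the vulnerability ids,
# package names and versions are placeholders, not real findings.
SAMPLE_REPORT = json.dumps({
    "Results": [{
        "Target": "example/app:1.0 (alpine)",
        "Vulnerabilities": [
            {"VulnerabilityID": "CVE-XXXX-0001", "PkgName": "libssl", "InstalledVersion": "1.0", "FixedVersion": "1.1", "Severity": "CRITICAL"},
            {"VulnerabilityID": "CVE-XXXX-0002", "PkgName": "zlib", "InstalledVersion": "1.2", "FixedVersion": "", "Severity": "HIGH"},
            {"VulnerabilityID": "CVE-XXXX-0003", "PkgName": "busybox", "InstalledVersion": "1.3", "FixedVersion": "1.4", "Severity": "MEDIUM"},
            {"VulnerabilityID": "CVE-XXXX-0004", "PkgName": "curl", "InstalledVersion": "7.0", "FixedVersion": "7.1", "Severity": "LOW"},
        ],
    }]
})

SEVERITY_RANK = {"CRITICAL": 4, "HIGH": 3, "MEDIUM": 2, "LOW": 1, "UNKNOWN": 0}


def findings(report_json):
    """Flatten a Trivy-style report into one dict per vulnerability."""
    report = json.loads(report_json)
    out = []
    for result in report.get("Results", []):
        # Trivy omits the key (or emits null) when a target has no findings.
        for v in result.get("Vulnerabilities") or []:
            out.append({"id": v["VulnerabilityID"], "pkg": v["PkgName"],
                        "installed": v.get("InstalledVersion", ""),
                        "severity": v.get("Severity", "UNKNOWN"),
                        "fixed": v.get("FixedVersion", "")})
    return out


def prioritise(report_json):
    """Order findings for remediation: highest severity first, and within a
    severity, those with a fixed version available before those without."""
    return sorted(findings(report_json),
                  key=lambda f: (-SEVERITY_RANK.get(f["severity"], 0), not f["fixed"], f["id"]))


def gate(report_json, fail_on=("CRITICAL", "HIGH"), ignore_unfixed=True):
    """Return (passed, blocking_ids). The build fails on any finding whose severity
    is in fail_on; findings with no fix available are skipped when ignore_unfixed."""
    blocking = [f["id"] for f in findings(report_json)
                if f["severity"] in fail_on and (f["fixed"] or not ignore_unfixed)]
    return (not blocking, blocking)


if __name__ == "__main__":
    for f in prioritise(SAMPLE_REPORT):
        print(f"{f['severity']:<8} {f['id']} {f['pkg']} {f['installed']} -> {f['fixed'] or 'no fix'}")
    print("gate passed:", gate(SAMPLE_REPORT)[0])
```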
10:00 to 10:15 – Welcome
10:15 to 11:00 – Container safekeeping – Tales
- What is a vulnerability?
- Understanding vulnerabilities
- How to prioritise remediation?
- Snyk Demo
11:00 to 11:50 – Container Security Vulnerability Scanning – Madhu
- Cloud Native Security White Paper highlights
- Vulnerability Scanning for Container Images using Docker Scan (Snyk), ECR, Trivy and Grype
- Amazon Elastic Container Registry (ECR) Image Scanner alerts
- Amazon Elastic Kubernetes Service (EKS) Best Practices for Security
- Scanning Dockerfiles for vulnerabilities using Snyk
- Scanning Container images using Docker scan, ECR, Trivy and Grype
11:50 to 12:00 – Q & A and Networking
Event Fee: Free
Audience: Level 100 (Basic understanding of the fundamental scope of information technology). Basic understanding of containers and Linux OS.
What you will gain: You will gain introductory-level knowledge of security observability and of vulnerability scanning for container images using open-source tools and Amazon ECR.
🗣️ Join the DevSecOps Community on our Discord channel to discuss this talk with other security-focused practitioners!