
DSC Germany

Detecting Module Vulnerabilities from Go Binaries

with Agata Krajewska, Daniel Kontorovskyi

Description:

Cloud native applications are typically made up of a small core of homegrown code, along with a lot of open source modules. Vulnerabilities in modules across most languages are increasing, and so scanning that code for security vulnerabilities is a critical piece of the security jigsaw. This is straightforward in interpreted languages since the module information is shipped with our application, but in compiled languages like Go it’s not as straightforward. At Snyk we recently introduced the ability to automatically detect and scan included modules from Go binaries within your containers, and in this talk we’ll dive deep into the details of how we got there – from automatically detecting Go binaries inside your container images, to breaking apart the binary format and extracting the header information, and implementing all of this functionality in our Node-based command line client. If the internals of Go binaries are your thing, then this is the talk for you!

Tags:

Application Security
AppSec
Open Source
Secure Development
Security Transformation
Threat Modeling

Agata Krajewska

Software Engineer at Snyk

About Agata Krajewska

Agata is a Software Engineer in the Container group at Snyk. Agata has spent the last year working on runtime security, solving problems around image scanning architectures and platforms. Whenever there’s a chance, she enjoys writing low-level and embedded software code. Besides coding, Agata also teaches yoga and visits all the best food spots in East London.

Daniel Kontorovskyi

Software Engineer at Snyk

About Daniel Kontorovskyi

Daniel Kontorovskyi is a Software Engineer at Snyk, and has spent most of the last 5 years building SaaS products in the security space. Most recently Daniel has been focused on the emerging need for security within cloud native applications and at runtime.
