One of the easiest, but most effective, things you can do to secure your systems is to scan application images for known vulnerabilities. In this session Liz will talk about why scanning is so important, and show how to include automated scanning in a CI/CD pipeline, using the open-source tool Trivy (https://github.com/aquasecurity/trivy).
Chapter
Vulnerability scanning for container images
with Liz Rice
play_circle
Sharefacebookmail_outlinelink
Description:
Tags:
CI/CD
Cloud Native Security
Container Security
SAST
Security Scanning
About Liz Rice
Liz Rice, Chief Open Source Officer with eBPF pioneers Isovalent.
Liz is the creator of the Cilium project, which provides cloud native networking, observability and security. Prior to that she was VP Open Source Engineering with security specialists Aqua Security. She is also the chair of the CNCF’s Technical Oversight Committee, and co-chaired the KubeCon / CloudNativeCon 2018 events in Copenhagen, Shanghai and Seattle and is an Ambassador for Open UK.
Liz has a background in systems software engineering, but loves the whole process of building products and enjoys writing code and understanding how other people will use it.