One of the easiest, but most effective, things you can do to secure your systems is to scan application images for known vulnerabilities. In this session Liz will talk about why scanning is so important, and show how to include automated scanning in a CI/CD pipeline, using the open-source tool Trivy (https://github.com/aquasecurity/trivy).
Chapter
Vulnerability scanning for container images
with Liz Rice
play_circle
Sharefacebookmail_outlinelink
Description:
Tags:
CI/CD
Cloud Native Security
Container Security
SAST
Security Scanning
About Liz Rice
Liz Rice is Chief Open Source Officer with eBPF specialists Isovalent, creators of the Cilium cloud native networking, security and observability project. She was Chair of the CNCF’s Technical Oversight Committee in 2019-2022, and Co-Chair of KubeCon + CloudNativeCon in 2018. She is also the author of Container Security, published by O’Reilly.
She has a wealth of software development, team, and product management experience from working on network protocols and distributed systems, and in digital technology sectors such as VOD, music, and VoIP. When not writing code, or talking about it, Liz loves riding bikes in places with better weather than her native London, competing in virtual races on Zwift, and making music under the pseudonym Insider Nine.