December 25, 2019


Common vulnerabilities and exposures in containers: What to know


Clair is an open source container image security analyzer that enables developers to build services that scan containers for security threats and vulnerabilities. Quentin Machu offers an overview of Clair and explores a real-life example to demonstrate how Clair is able to automatically detect known vulnerabilities in Docker and rkt containers before they get exploited.

Talk Title: Common vulnerabilities and exposures in containers: What to know
Speakers: Quentin Machu
Conference: O’Reilly Security Conference
Conf Tag: Build better defenses
Location: Amsterdam, Netherlands
Date: November 9-11, 2016

Docker layers can be fast for developers but also vulnerable if not audited for production. Wouldn’t it be great to improve continuous integration with continuous vulnerability detection? Clair, an open source tool to monitor the security of containers, is an API-driven analysis engine that inspects containers layer by layer for known security flaws. Quentin Machu offers an overview of Clair and explores a real-life example to demonstrate how Clair is able to automatically detect known vulnerabilities in Docker and rkt containers before they get exploited, using graph database queries to track package changes. Join Quentin to get started using Clair and learn to easily build services that provide continuous monitoring for container vulnerabilities.
