December 13, 2019

210 words 1 min read

Establishing Container Trust at Scale [I]

Establishing Container Trust at Scale [I]

Quantifying risks in a container image is a critical aspect of production deployments. With orchestration clusters supporting thousands of nodes, any risk assessment solution must work at production s …

Talk Title Establishing Container Trust at Scale [I]
Speakers Tim Mackey (Senior Technical Evangelist, Black Duck by Synopsys)
Conference KubeCon + CloudNativeCon North America
Conf Tag
Location Austin, TX, United States
Date Dec 4- 8, 2017
URL Talk Page
Slides Talk Slides
Video

Quantifying risks in a container image is a critical aspect of production deployments. With orchestration clusters supporting thousands of nodes, any risk assessment solution must work at production scale. Once a trusted image is deemed vulnerable, application risk increases, but which applications are impacted, and how far has trust been broken? Trust is established through best practices including the use of trusted image registries, static code analysis, fuzzing, strong perimeter defenses and deployment controls. Unfortunately, this trust model omits information flow. Malicious actors succeed when applications are most vulnerable. When devising action plans in response to security disclosures, defenders must quickly assess both the impact and scope of the disclosure. This time to remediation requires accurate and actionable vulnerability assessments as applications are created, deployed and scaled. Enhancing security information flow accelerates risk mitigation at production scale.

comments powered by Disqus