Securing Container Workloads at K8s Forum Delhi 2020
Security in the world of containers has become complex as we use different base images. We cannot be aware of what our containers are made up of and cope up with dependencies and transitive dependencies and their updates. On average at least 30 vulnerabilities exist in the top 10 docker images. Do you know if you’re using any of these? If your application containers are based on vulnerable images, your deployment could be open to attack. In this talk, you’ll learn about practical actions to address vulnerabilities in your container images. I will be demonstrating securing the images in a Harbor registry by integrating the open-source Trivy image scanning tool. Trivy is very easy to use and can also be integrated with the existing CI/CD pipelines. After this session, attendees will take away the best practices in securing their container workloads.