My containers have been running stable for a year, is that good?

Abstract

Give an overview of best practices to ensure containers do not run with known vulnerabilities

Date
Location
London, England

Shared responsibility between developers and operations for what is packaged in images and runs in containers is common sense in a DevOps world. In practice, however, nobody feels responsible for patch management in (running) containers, even though patching the operating system components in containers is essential to the security of a system.

This talk gives you an overview and sample implementations for the following questions:

  • How to get informed about new vulnerabilities in components?
  • Which components have to be checked?
  • When to check for known vulnerabilities?
  • Who is responsible for patch management for which images?

Required audience experience:

Building images and deploying containers

Objective of the talk:

Give an overview of best practices to ensure containers do not run with known vulnerabilities