Finding Your Way in Container Security

Logo
Presented by

Ksenia Peguero, Senior Manager Software Engineering, Black Duck

About this talk

DevSecOps and cloud services are driving container adoption in software. As container architectures get complex, they're increasingly exploited. This talk aims to clarify containerization and infrastructure-as-code (IaC) for beginners. We'll cover container technologies, key terms, their value, popularity, challenges, and security issues. We'll discuss common threats, vulnerabilities, attack vectors, and provide real-world attack examples. We'll reference standards and resources like OWASP Docker Top 10, Container Security Verification Standard, NIST Application Container Security guide, and CIS Benchmarks. Finally, we'll provide guidelines and best practices for securing containers.
Related topics:

More from this channel

Upcoming talks (11)
On-demand talks (124)
Subscribers (64805)
Black Duck® offers the most comprehensive, powerful, and trusted portfolio of application security solutions in the industry. We have an unmatched track record of helping organizations around the world secure their software quickly, integrate security efficiently in their development environments, and safely innovate with new technologies. As the recognized leaders, experts, and innovators in software security, Black Duck has everything you need to build trust in your software. As of October 1, 2024 the Synopsys Software Integrity Group is now Black Duck®