Is my Container Secure?
Study of Vulnerability in Container World
Cecilia Hu, Yue Guan, Zhaoyan Xu
Palo Alto Networks
Agenda
➢ Introduction
➢ Basic Statistics
➢ Study of Vulnerability
➢ Image in your Cluster
➢ Practical Suggestions
Background
• Containers have recently become a popular approach to provision
Micro-service over the Cloud.
• With more advanced cloud applications deployed, the security
risks of images becomes a big headache for DevOps team.
• We want to know how bad is the situation and how we could
defense against the threats.
Motivation
In this talk, we will cover:
• How is the state-of-art status of container image security?
• How to measure the security of container image in your application
environment?
• How to mitigate threats from the vulnerable container images?
• What is best practice for securing your images?
Agenda
➢ Introduction
➢ Data Collection
➢ Study of Vulnerability
➢ Image in your Cluster
➢ Practices Suggestions