In 2023, the Cloud-Native Security and Usage Report declared that 87% of container images have high or critical vulnerabilities. The reality is that there are too many vulnerabilities to fix, and teams struggle with how to prioritize them. In fact, 85% of critical and high vulnerabilities have a fix available but are not in use at runtime where they’d be exploitable. Let’s explore the dynamic landscape of containerized applications and its uninvited challenges, examine the year 2023, and find some interesting trends that may help you as you work to develop best practices and essential security considerations for ensuring the integrity and authenticity of your containers and your cloud-native environments.
▬▬▬▬▬▬ 👋 About the Guest 👋 ▬▬▬▬ ▬▬▬ ▬▬▬▬▬ ▬▬▬▬▬ ▬▬▬▬▬ ▬▬
Héctor Fernández ► [ Link ]
▬▬▬▬▬▬ 📺 Video - Learning resources 📺 ▬▬▬▬ ▬▬▬ ▬▬▬▬▬ ▬▬▬▬▬ ▬▬▬▬▬
► Container Images for the Cloud Native Era – @cloudnativefm [ Link ]
► Open VEX Supercharges SBOMs For A More Secure Software Supply Chain – @cloudnativefm [ Link ]
► Artifact signing with ephemeral and verifiable keys: Sigstore and OpenPubkey – @cloudnativefm [ Link ]
▬▬▬▬▬▬ ✍️ Articles ✍️ ▬▬▬▬ ▬▬▬ ▬▬▬▬▬ ▬▬▬▬▬ ▬▬▬▬▬
► Reducing Trust in Automated Certificate Authorities via Proofs-of-Authentication – [ Link ]
► OpenPubkey and Sigstore – [ Link ]
► Sysdig 2023 Cloud-Native Security and Usage Report – [ Link ]
► The State of Cloud Native Security Report 2023 – [ Link ]
► The State of Cloud-Native Security – [ Link ]
► Need to Sign Your Code and Haven’t a Clue? Sigstore Can Help – [ Link ]
► How to Sign a Container with Cosign – [ Link ]
▬▬▬▬▬▬ 🪪 Sigstore 🪪 ▬▬▬▬ ▬▬▬ ▬▬▬▬▬ ▬▬▬▬▬ ▬▬▬▬▬
► Overview – [ Link ]
► (X - Twitter) – [ Link ]
► OpenSSF – Sigstore: Simplifying Code Signing for Open Source Ecosystems – [ Link ]
▬▬▬▬▬▬ 🔐 OpenPubkey 🔐 ▬▬▬▬ ▬▬▬ ▬▬▬▬▬ ▬▬▬▬▬ ▬▬▬▬▬
► OpenPubkey – [ Link ]
► Linux Foundation, BastionZero, and Docker Announce the Launch of the OpenPubkey Project – [ Link ]
► Signing Docker Official Images Using OpenPubkey – [ Link ]
▬▬▬▬▬▬ 💼 About Chainguard 💼 ▬▬▬▬ ▬▬▬ ▬▬▬▬▬
The first developer platform built for software supply chain security
#kubernetes #security
The State of Cloud Native Security 2023 | Ep 94
Tags: sysdig, chainguard, cloud native security, kubernetes, k8s, wolfi, container scanners, trivy, reducing container build time, aws reinvent, eks, cluster hardening, k8s security best practices, container security best practices, policy as code, infrastructure automation, infrastructure as code, kyverno, OPA, kubewarden, gitops, argo cd, flux, prometheus, grafana, monitoring, observability, aws eks security best practices, hardening eks clusters, k8s admission controller, thanos, linkerd, istio