Overview
Learn about Copa, a revolutionary CNCF project for automated container vulnerability patching, in this 20-minute conference talk from the Linux Foundation. Discover how to efficiently address container image security challenges by implementing automated OS-level vulnerability remediation without requiring upstream rebuilds. Explore Copa's seamless integration with existing vulnerability scanners like Grype and Trivy, its capability to patch images without specific customizations, and support for containers lacking package managers, including distroless containers. Master techniques for accelerating secure container deployment while minimizing potential security threats, particularly valuable for complex supply chains and third-party sources with delayed updates. Gain practical insights into streamlining DevSecOps workflows and enhancing container security through automated, accessible, and effective patching solutions.
Syllabus
Automated Vulnerability Patching with Copa - Anubhav Gupta, Akuity
Taught by
Linux Foundation