Overview
Explore the Department of Defense's automated container hardening pipeline in this 27-minute conference talk. Learn how the DoD's Platform One security group maintains the Iron Bank, a centralized hardened container registry meeting strict safety and security requirements. Discover how automated processes have reduced container vulnerability counts by up to 95%, averaging 70% across the board, while maintaining full functionality and exceeding Iron Bank security specifications. Gain insights into the methodologies used for instrumenting, hardening, testing, and optimizing containers, including vulnerability scanning, testing, reduction, and automation techniques. Understand how open-source technologies are employed in this DevSecOps initiative to significantly reduce container footprints and software packages while enhancing security.
Syllabus
Automating the DoD Container Hardening Pipeline - Russ Andersson, RapidFort
Taught by
Linux Foundation