Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

CNCF [Cloud Native Computing Foundation]

Dynamic Image Scanning Through System Tracing

CNCF [Cloud Native Computing Foundation] via YouTube

Overview

Explore dynamic image scanning through system tracing in this 37-minute conference talk by Itay Shakury from Aqua Security. Learn how malicious actors use sophisticated techniques to evade static analysis and signature-based scanning tools, and discover how dynamic analysis can detect these threats by observing application activity. Delve into the relationship between dynamic scanning, static scanning, and runtime security. Examine common behavioral patterns of malware and learn how to uncover threats using open-source tools. Cover topics such as Trivy Scan, known vulnerabilities, misconfigurations, real-world evasive malware (DzMLT), software supply chain attacks, static image scanning, runtime security, eBPF (Extended Berkeley Packet Filter), and Tracee. Gain insights into advanced security practices for detecting sophisticated threats in cloud-native environments.

Syllabus

Intro
Trivy Scan
Known Vulnerabilities
Misconfigurations
Real world evasive malware (DzMLT)
Software supply chain attacks
Static Image Scanning
Runtime Security - Shift Left
Dynamic scan vs. Runtime security
eBPF - Extended Barkley Packet Filter
Tracee
Summary

Taught by

CNCF [Cloud Native Computing Foundation]

Reviews

Start your review of Dynamic Image Scanning Through System Tracing

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.