Overview
Explore dynamic image scanning through system tracing in this 37-minute conference talk by Itay Shakury from Aqua Security. Learn how malicious actors use sophisticated techniques to evade static analysis and signature-based scanning tools, and discover how dynamic analysis can detect these threats by observing application activity. Delve into the relationship between dynamic scanning, static scanning, and runtime security. Examine common behavioral patterns of malware and learn how to uncover threats using open-source tools. Cover topics such as Trivy Scan, known vulnerabilities, misconfigurations, real-world evasive malware (DzMLT), software supply chain attacks, static image scanning, runtime security, eBPF (Extended Berkeley Packet Filter), and Tracee. Gain insights into advanced security practices for detecting sophisticated threats in cloud-native environments.
Syllabus
Intro
Trivy Scan
Known Vulnerabilities
Misconfigurations
Real world evasive malware (DzMLT)
Software supply chain attacks
Static Image Scanning
Runtime Security - Shift Left
Dynamic scan vs. Runtime security
eBPF - Extended Berkeley Packet Filter
Tracee
Summary
Taught by
CNCF [Cloud Native Computing Foundation]