Explore a conference talk that addresses the critical issue of supply chain security in cloud-native computing. Learn about Eraser, a CNCF sandbox project designed to automate the scanning and removal of vulnerable images from Kubernetes nodes. Discover how this open-source solution tackles the growing problem of outdated images presenting security risks in container environments. Understand the limitations of Kubernetes' built-in garbage collection and how Eraser provides developers with more control over image removal. Watch a demonstration of Eraser in action and gain insights into customizing the removal process based on vulnerability thresholds or custom logic. Enhance your knowledge of maintaining a secure Kubernetes environment and mitigating potential security threats in your cloud-native infrastructure.
Cleaning up Vulnerable Images from Kubernetes Nodes
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Syllabus
Eraser: Cleaning up Vulnerable Images from Kubernetes Nodes - Peter Engelbert & Ashna Mehrotra
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
-
Kubernetes Security: Implementing Supply Chain Security
-
Develop and deploy applications on Kubernetes
-
Project Copacetic - Directly Patch Container Image Vulnerabilities
-
SBOMs, VEX, and Kubernetes - Software Supply Chain Security in Cloud Native Environments
-
Hands-on Introduction to Trivy - Continuous Scanning for Container Security
-
Introducing the OWASP Top Ten for Kubernetes
