Handling Container Vulnerabilities with Open Policy Agent
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Discover how to automate container vulnerability management using Open Policy Agent (OPA) in this 31-minute conference talk by Teppei Fukuda from Aqua Security. Learn to streamline the decision-making process for addressing vulnerabilities detected by scanners in continuous integration (CI) pipelines. Explore the implementation of custom policies with OPA to automatically prioritize and handle vulnerabilities based on organizational requirements. Witness a live demonstration featuring Trivy, an open-source container vulnerability scanner, showcasing how this policy handling model can be applied to various scanning tools. Gain insights into reducing manual judgments, saving time, and enhancing security practices in container-based environments.
Syllabus
Handling Container Vulnerabilities with Open Policy Agent - Teppei Fukuda, Aqua Security
Taught by
CNCF [Cloud Native Computing Foundation]