Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Project Copacetic - Directly Patch Container Image Vulnerabilities

OpenSSF via YouTube

Overview

Learn how to efficiently patch container image vulnerabilities through a technical conference talk that introduces Project Copacetic (Copa). Discover how this CNCF sandbox project addresses software supply chain security challenges by offering a streamlined approach to maintaining secure container images. Explore Copa's integration capabilities with existing build infrastructure, its use of image scanners like Trivy for vulnerability detection, and its ability to create patch layers using Buildkit. Through a practical demonstration, understand how to integrate Copa into pipelines, extend scanner functionality, and manage package updates - even for distroless images. Master techniques to reduce patching turnaround time and complexity while gaining greater control over security maintenance timelines and resource optimization.

Syllabus

Project Copacetic: Directly Patch Container Image Vulnerabilities - Ashna Mehrotra, Microsoft

Taught by

OpenSSF

Reviews

Start your review of Project Copacetic - Directly Patch Container Image Vulnerabilities

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.