Learn how to efficiently patch container image vulnerabilities through a technical conference talk that introduces Project Copacetic (Copa). Discover how this CNCF sandbox project addresses software supply chain security challenges by offering a streamlined approach to maintaining secure container images. Explore Copa's integration capabilities with existing build infrastructure, its use of image scanners like Trivy for vulnerability detection, and its ability to create patch layers using Buildkit. Through a practical demonstration, understand how to integrate Copa into pipelines, extend scanner functionality, and manage package updates - even for distroless images. Master techniques to reduce patching turnaround time and complexity while gaining greater control over security maintenance timelines and resource optimization.
Project Copacetic - Directly Patch Container Image Vulnerabilities
Overview
Syllabus
Project Copacetic: Directly Patch Container Image Vulnerabilities - Ashna Mehrotra, Microsoft
Taught by
OpenSSF
Related Courses
-
Copacetic - Patch Your Container Images Seamlessly with COPA
-
Automated Vulnerability Patching with Copa
-
Strategies for Patching Critical CVEs in Open Source Software - Best Practices and Tools
-
Securing Vulnerable Images with Copa - Hot Fix Techniques
-
Digging Into Container Image Layers for Sneaky Vulnerabilities
-
A Day in the Life of a Base Image - Evolution of Vulnerabilities in Popular Containers
