The How and Why of Container Vulnerability Management - OpenShift Commons Briefing #48
September 9, 2016 | by
Cyber threats consistently rank as a high priority for data center operators and their reliability teams. As increasingly sophisticated attacks mount, the risk associated with a zero-day attack is significant. Traditional responses include perimeter monitoring and associated network defenses. Since those defenses are reactive to application issues attackers choose to exploit, it’s critical to have visibility into both what is in your container library, but also what the current state of vulnerability activity might be. Current vulnerability information for container images can readily be obtained by using the scan action on Atomic hosts in your OpenShift Container Platform.
In this Video
In this OpenShift Commons Briefing, BlackDuck's Tim Mackey gives an excellent overview on Vulnerability Management in a Containerized world. He also gives demonstration of using the scan action on Atomic hosts with OpenShift Container Platform for both OpenSCAP and Black Duck Hub and drilled into some of the differences between the two approaches. We also covered how an issue becomes a disclosed vulnerability, how to determine the risk associated with your container usage, and potential mitigation patterns you might choose to utilize to limit any potential scope of compromise.
You can find the entire backlog of OpenShift Commons Briefings on this Youtube Playlist of all previously recorded briefings on YouTube. Don't forget to leave your feedback and suggestions for each video or in the comments section below. This will be incredibly important to shape the content of future briefings sessions and provide content that satisfies the entire OpenShift Community.
OpenShift Commons Gathering in Seattle November 7, 2016
OpenShift Commons is the place for organizations that are part of the OpenShift community to connect with peers and other related open source technology communities to communicate and collaborate across all OpenShift projects and stakeholders.
The Commons' goal is to foster collaboration and communication between OpenShift stakeholders to drive success for all its members.
As a result, the OpenShift Commons expands and facilitates points of connection between members for sharing their knowledge and experience. Consequently, the OpenShift Commons help to drive success for the platform and for all the participants: customers, users, partners, and contributors.
What happens in an OpenShift update vs. an upgrade? Changes with Red Hat OpenShift Container Platform can happen regularly, so we deploy a new version, which can be a bit scary because no one wants ...