DevOps Pro Europe 2022

May 30 - June 3

Workshops

Online

May 24 - 26

Conference

Online

Matt Jarvis

Positon: Director, Developer Relations

Company: Snyk

Country: UK

Biography

Matt Jarvis is a Director of Developer Relations at Snyk. Matt has spent more than 15 years building products and services around open-source software, on everything from embedded devices to large-scale distributed systems. Most recently he has been focused on the open cloud infrastructure space, and on emerging patterns for cloud-native applications. Matt is a regular speaker at conferences across the world, including KubeCon, DockerCon, FOSDEM and All Things Open, a past winner of the OpenStack Outstanding Community Contributor award, and in 2021 was named one of the Top 100 influencers in Open Technologies in the UK. Matt is also a board director of OpenUK, and the founder of Cloud Native Manchester, Kubernetes Community Days UK and Cloud Natives UK.

Talk

My Container Image Has 500 Vulnerabilities, Now What?

As security becomes a bigger concern in the world of containers and Kubernetes, using vulnerability scanning tooling in our workflows is becoming increasingly common. But many container images can show tens if not hundreds of vulnerabilities, particularly if they are built using upstream base images from public repositories. If your container has a huge amount of vulnerabilities, what do you do? Many of us will reach information overload when faced with such a list, and struggle to work out what actions we should take.

In this talk, we’ll look at how container images are constructed, understand how potential vulnerabilities can get into our images, and explore how we can prioritize and remediate the vulnerabilities we find. Take control of your vulnerabilities!

Session Keywords

🔑 Security
🔑 Docker