In a cloud environment, containers can hold highly valuable assets. They are like those large, colorful boxes you see on ships, except they are virtual. Inside each one is an application; all its dependencies, libraries and other binaries; and configuration files needed to run them. With most software packages, vulnerabilities can arise, and it only takes one exploitation for an attacker to gain a foothold into the container and connected cloud environment. That's why identifying, prioritizing and remediating container flaws is critical -- while containers are being developed and after they are deployed into your cloud environment.
Recently at Red Con 2021, X-Force Red program manager Scott Wilson, presented a talk about how to detect and manage container vulnerabilities. After receiving many positive comments from clients and IBMers, Scott wrote a blog post about the topic which includes a link to the full talk on YouTube. Read Scott's blog post to learn how attackers may leverage container flaws; and how to fold containers into your vulnerability management program.
Read the blog post:
https://securityintelligence.com/posts/containers-cloud-vulnerability-management/------------------------------
Abby Ross
------------------------------