Leveraging Build Pipelines for Automating Container OS & Framework Patching
11-17, 11:20–11:50 (UTC), The Gallery

Containers have become the modern packaging format, regardless of the host they're run on. You may be building your own images, or consuming images from ISVs. While containers have a focused subset of their VM ancestors, containers still have layers of the OS, runtimes and other components that are susceptible to vulnerabilities that must be remediated. Have you considered how you'll patch these deployments? Will you patch the running containers, as you patch VMs, hoping the software continues to run, as you continually patch the same deployed image?
We'll examine leveraging your build and deployment pipelines to automatically patch, test and deploy updates, during and long after you've moved onto another project. OS & Framework Patching can be an extension of what you're already doing today.

Steve is a Program Manager for Container Registries at Microsoft and Azure. Prior to joining Microsoft, Steve worked in consulting and broadcast engineering where he learned the life of living on the road and building systems that can be easily troubleshot and repaired as fans don't like waiting for more than a commercial to get back to super bowl.
Steve can be found on Twitter @SteveLasker and his blog @ https://stevelasker.blog