Demystifying Kubernetes Vulnerability Scanning
2022-10-23, 18:15–18:20, Room 1

Security like all technology disciplines has its buzzwords. You'll often hear acronyms like SAST, SCA, DAST, and much more…but what does it all really mean?

In this talk we will review the many kinds of vulnerability scanning with a focus on Kubernetes security scanning. We'll help you understand what kinds of vulnerabilities you can as well as cannot identify with these tools. We'll review some of the popular open source security scanning tools in the ecosystem, and help you understand where you can use each and what to scan - registries, clusters, CI/CD. This will be demoed through real code examples and scanning scenarios.