Demystifying Kubernetes Vulnerability Scanning
10-23, 18:15–18:20 (US/Eastern), Main Room

Security, like all technology disciplines, has its buzzwords. You'll often hear acronyms like SAST, SCA, DAST, and many more… but what does it all really mean?

In this talk we will review the many kinds of vulnerability scanning, with a focus on Kubernetes security scanning. We'll help you understand which kinds of vulnerabilities you can and cannot identify with these tools. We'll review some of the popular open source security scanning tools in the ecosystem, and help you understand where you can use each and what to scan: registries, clusters, CI/CD. This will be demoed through real code examples and scanning scenarios.

Ben Hirschberg
Ben is a veteran cybersecurity and DevOps professional, as well as a computer science lecturer. Today, he is the co-founder at ARMO, with a vision of making end-to-end Kubernetes security simple for everyone, and a core maintainer of the open source Kubescape project. He teaches advanced information security academically in both undergrad and graduate courses. In his previous capacities, he has been a security researcher and architect, pen-tester and lead developer at Cisco, NDS and Siemens.
