Cover Your Base Images: How Early Development Choices Impact Security
Security risks, configuration mistakes, and vulnerabilities in Docker images are often traced to some very early decisions. Before containers, developers could count on the security of the infrastructure, including the operating system and prerequisite components. Dev owned the security of the application--Ops owned what it ran on. This is not the case anymore. Today, development owns the choice of the base operating system, the configuration of the final image, and sourcing all the components used for the build. In order to produce secure and compliant applications, development and operations should work together to establish a practice that secures the base images, reviews configuration at time of build and provides a known risk posture for each image and running container.
This webinar will guide you through building applications on a secure foundation, performing a risk analysis of your final product, and prepare you to handle compliance requirements.