by Michael Wager
Recently we gave a talk at the BSides Conference in Munich. Container security is an ongoing concern for organizations. Often seen as a „black box,“ containers pose challenges in addressing vulnerabilities, especially when base image updates are not readily available. Security scanners detect numerous findings, and even critical issues can be hard to resolve. In our exploration, we delve into practical approaches and best practices to minimize your container’s attack surface and also share some insights into our scientific research project collaboration with the University of Applied Sciences, Augsburg. We guide you on the journey to strip away unnecessary components, moving towards fully distroless containers. We also examine whether the „distroless“ concept offers a solution to your security concerns, shedding light on expectations, challenges, and potential outcomes.
You can find the slides here.