Virtual Event
November 17–November 20, 2020
Learn More and Register to Attend This Event

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2020 - Virtual to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Eastern Standard Time (UTC–05:00). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.
Back To Schedule
Tuesday, November 17 • 1:00pm - Friday, November 20 • 7:00pm
Sponsored Session: Aqua Security - Handling Container Vulnerabilities with Open Policy Agent

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.

By accessing this sponsored session, the third party sponsor will receive some of your registration data. This data includes your First Name, Last Name, Title, Company, Address, Email, Standard Demographics Questions (I.e. Company Size, Job Function, Industry), and details about the sponsored content you interacted with. If you choose to access sponsored sessions, you are explicitly consenting to receipt and use of such data by the third-party recipients, which will be subject to their own privacy policies.

This is an on-demand session and will be available for the duration of the event.

A vulnerability scanner for containers doesn’t help a user decide how to handle vulnerabilities. For example, even if a critical vulnerability is found, some organizations may accept the risk of it. The policy for vulnerability handling depends on the organization, and in many cases, the person in charge has to make a manual judgement based on this policy every time. This is time-consuming.

This talk demonstrates how to automatically handle vulnerabilities detected by a scanner using OPA.
- The vulnerabilities found by a scanner in CI are handled automatically by Open Policy Agent
- Applying custom policy, OPA shows users which vulnerabilities to address

This automatic vulnerability handling in CI will be demonstrated live, along with Trivy, which is an open source vulnerability scanner for containers. The same policy handling model could be used with any scanner.


Teppei Fukuda

Open Source Engineer, Aqua Security

Tuesday November 17, 2020 1:00pm - Friday November 20, 2020 7:00pm EST
Intrado Virtual Event Platform