OWASP Global AppSec US 2021 has ended
Back To Schedule
Thursday, November 11 • 1:00pm - 2:00pm
Container Security: It’s All About the Supply Chain

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Containers continue to mystify security practitioners, mostly because they don’t know how securing them fits into their existing vulnerability program. Is it a virtual machine that gets scanned by the same tools used for over a decade? Or is it an application package that should be tested by SCA, SAST and DAST tools? How do you manage the image or runtime vulnerabilities vs. the application security issues? This talk will focus on container security as a supply chain lifecycle problem and how to integrate validation at multiple points to achieve the ultimate goal of *assurance.* The talk is tool agnostic, because security of the supply chain is more about a alignment with the software development process than the integration of a single, magical tool.

avatar for Michele Chubirka

Michele Chubirka

Chief Security Architect, SAP SuccessFactors
The ubiquitous Mrs. Y. is a recovering Unix and network engineer currently working as a Chief Security Architect for a large software and service provider. Formerly the creator and official nerdstalker of the Healthy Paranoia Security Podcast, she has also been a freelance writer... Read More →

Thursday November 11, 2021 1:00pm - 2:00pm PST