A Security State of Mind: Compliance and Vulnerability Audits for Containers


A Security State of Mind: Compliance and Vulnerability Audits for Containers

Data breaches are on the rise and placing increased pressure on Enterprise IT to protect the business. With the rise of DevOps and as hackers takes advantage of known vulnerabilities on unpatched or misconfigured systems, Enterprise IT increasingly needs to automate vulnerability management, security management, and compliance checking. OpenSCAP is an opensource tool for automatically verifying the presence of patches, checking system security configuration settings, and examining systems for signs of compromise.

In this presentation, you’ll learn about:

  • How Containers enable DevOps, Container Technology, and the security risks with deploying containers in the enterprise
  • Security vulnerability (CVEs) and Configuration issues (CCEs) notifications and checks
  • Automating vulnerability management, security management, and compliance checking with OpenSCAP
  • Scanning online and offline Containers and Virtual Machines with OpenSCAP
  • Generating and understanding OpenSCAP audit reports
  • Customizing OpenSCAP profiles

Join Chris Van Tuin, Chief Technologist, West at Red Hat, as he walks through the inherent security risks of deploying containers in the enterprise and how OpenSCAP can help protect and secure the business.

Speaker

chris-van-tuin

Chris Van Tuin

Chris Van Tuin, Chief Technologist at Red Hat, has over 20 years of experience in IT and Software. Since joining Red Hat in 2005, Chris has been architecting solutions for strategic customers and partners with a focus on emerging technologies including IaaS, PaaS, and DevOps and is frequent speaker on DevOps, Security, and Containers. He started his career at Intel in IT and Managed Hosting followed by leadership roles in services and sales engineering at Loudcloud and Linux startups. Chris holds a Bachelors of Electrical Engineering from Georgia Institute of Technology.