Container Infrastructure Analysis with Trivy
Want to learn how to find vulnerabilities in docker images? How about preventing these vulnerabilities in the first place? If so, you're in the right place! In this course you will learn Container Infrastructure Analysis with Trivy.
What you'll learn
In this course, we will focus on automating docker image security scans:
- use Trivy (and a Github Action) to scan Dockerfiles within Github
- use Trivy to uncover a malicious image within a Docker registry
- perform an analysis on the malicious image to uncover the source of compromise
Table of contents
- Version Check 0m
- What Is Trivy? 8m
- Installation 3m
- Demo 1: Reactive Integration Overview 3m
- Demo 1: Trivy Scan 4m
- Demo 2: Proactive Approach (Consumer View) 8m
- Demo 2: Proactive Approach (Technical View) 4m
- Demo 3: Docker Image Tampering Github Workflow 4m
- Demo 3: Docker Image Tampering Script 5m
- Demo 3: Docker Image Tampering Check 6m
Trivy is an easy-to-use and comprehensive and open source vulnerability scanner for container images.
In this course you will learn how to use Trivy and Github Actions to scan and audit container images for vulnerabilities.
A container image is an unchangeable, static file that includes executable code so it can run an isolated process on information technology infrastructure.
Docker images are used to execute code in a Docker container. Docker images act as a set of instructions to build a Docker container, similar to a template.
GitHub Actions is a software tool that automates, customizes, and executes your software development workflows right in your repository.