When Container Scanning Falls Short

Containers have taken IT by storm. They increase delivery speed and stability. To secure them you just run a scanner, right? Perhaps…

Metal detectors cannot detect plastic explosives. Similarly, many container scanners (e.g., Quay, Docker Hub, and even Snyk) are unable to detect the most vulnerable libraries inside Docker containers or Kubernetes clusters.

Do you want to know what your container scanner might be missing?

Join Application security heavyweights Jim Manico(OWASP Top Ten contributor) and Julius Musseau in this live streaming event, where they highlight the issues and present solutions.

What you learn (take aways)

  • Methodology to evaluate container scanners
  • Pitfalls of traditional container scanning tools
  • How to solve two problems at once [SCA + Container scanning]
Julius Musseau

CTO at MergeBase

Vulnerability Scanning Implementor

Jim Manico

CEO at Manicode

Contributor to the OWASP Top Ten


Webinar Series

Free Live Event

Date: Wednesday,
October 26th
Time: 9 A.M PDT

Discover More from MergeBase

Open Source Protection

Stay on top of the real risk of open source at any time.

Avoid false positives and get sophisticated upgrade guidance based on risk, compatibility and popularity.

More on Continuous Protection

Add RunTime Protection

Detect and defend against known-vulnerabilities at runtime. The only SCA to do so.

The quickest way to respond to an imminent threat like log4j with CVE-2021-44228.

More on Run-time Protection

Shift Left Now

CodeGreen is an early-warning defence for your in-house development and integrates directly into GitHub and BitBucket

More on BitBucket and Github apps