How to build 0 CVE docker images? Can there be a better solution?

preview_player
Показать описание
With the rise of supply chain security attacks, the tools have evolved over the years. In this video, I discuss my views on why 0 CVEs are important and how we can achieve that with Chainguard images. I also have a question and high hopes for the NIX community, which can play a big part here.

Do watch till the end and let me know your thoughts and what you are using for your Docker base images.

Other resources to learn:

►►►Connect with me ►►►
  1. Kubesimplify
  2. docker images
  3. supplu chain security
  4. log4j
  5. docker scout
  6. trivy
Рекомендации по теме
How to build 0:17:23

How to build 0 CVE docker images? Can there be a better solution?

let’s play with 0:21:21

let’s play with a ZERO-DAY vulnerability “follina”

the scariest Microsoft 0:01:00

the scariest Microsoft vulnerability (still no patch)

Zero CVE base 0:14:27

Zero CVE base images for Dockerfile

WinRAR 0day: CVE-2023-38831 0:00:46

WinRAR 0day: CVE-2023-38831 Proof Of Concept (PoC)

SQL Injection 101: 0:00:33

SQL Injection 101: Exploiting Vulnerabilities

How to get 0:04:12

How to get a CVE | Methodology

Exploiting MSDT 0-Day 0:15:29

Exploiting MSDT 0-Day CVE-2022-30190

Therapists’ Take on 0:57:33

Therapists’ Take on Vulnerability as the Lifeblood of Healthy Relationships

Microsoft MSHTML Remote 0:14:24

Microsoft MSHTML Remote Code Execution Vulnerability | POC | 0-day | CVE-2021-40444

ZeroLogon Exploit - 0:08:07

ZeroLogon Exploit - Abusing CVE-2020-1472

New Microsoft MSHTML 0:45:28

New Microsoft MSHTML Zero-Day Exploit (CVE-2021-40444) POC - Analysis with Process Monitor

How hackers exploit 0:01:05

How hackers exploit XSS vulnerabilities to create admin accounts on your WordPress blog

Microsoft ZERO-DAY vulnerability 0:08:30

Microsoft ZERO-DAY vulnerability “follina” msdt | CVE-2022-30190 | Explained Exploitation & Work...

How Automated Vulnerability 0:44:41

How Automated Vulnerability Analysis Discovered Hundreds of Android 0-days

Analyzing Microsoft Zero-Day 0:32:05

Analyzing Microsoft Zero-Day Exploit (CVE-2021-40444)

Website Vulnerabilities to 0:19:50

Website Vulnerabilities to Fully Hacked Server

Find Vulnerabilities Fast! 0:10:40

Find Vulnerabilities Fast! New Docker CLI Command: Docker Scout

How Vulnerability Builds 0:00:48

How Vulnerability Builds Intimacy #relationshippodcast

Was Vulnerability Management 0:00:45

Was Vulnerability Management Stressful?

Vulnerability: A trust-building 0:00:34

Vulnerability: A trust-building tactic or a misunderstood concept? #podcast #vulnerability #shorts

Node.js, how to 0:13:13

Node.js, how to solve vulnerability issues?

Finding The .webp 0:24:11

Finding The .webp Vulnerability in 8s (Fuzzing with AFL++)

Building applications on 0:23:40

Building applications on Azure with zero CVE Images

Комментарии
Автор

If the current image has cve ? (Assuming using base img as chainguard )
There will be vulnerability?

holiodin
Автор

What tool he mentioned near 9:49 mint or mint plus something ca anyone provide official link for the tool ?

VikasSharma-bulh