Container technologies enable you to build and scale applications more rapidly, but their increased complexity and ephemeral nature create new vulnerabilities and attack vectors that expose your application to potentially crippling security risk. Each layer of your container application, including your code and third-party dependencies, exposes you to new security concerns, and we’re going to show you just how easy they are to exploit!

In this live hacking session, we’ll demonstrate how to identify security and configuration risks in a vulnerable application deployed into OpenShift. We’ll then exploit the application as an attacker would in order to showcase some of the most common container vulnerabilities and what they can do to expose your container application to a malicious actor. We’ll show you how to deploy our Red Hat-certified Snyk Operator into OpenShift and demonstrate clear remediation actions and best practices for each attack scenario, illustrating how you can protect your application by automatically detecting container image vulnerabilities in registries like Red Hat Quay.

In this session, you’ll learn about:

• Some of the most commonly known exploits for container applications
• How to deploy the Snyk Operator into OpenShift from catalogs like the Red Hat Marketplace
• How best to plug vulnerability scanning into a container delivery pipeline
• How to efficiently remediate vulnerabilities and misconfigurations in container workloads using Snyk
• How to use Snyk to continuously monitor manifests for newly discovered vulnerabilities