Container hardening is a proven control for all organizations as part of a strong IT security strategy. One important component of container hardening is to use images without known vulnerabilities. Adding an image scanner and control policies in the CI/CD pipeline, along with policies at deployment chokepoints, will prevent vulnerable images from being deployed, but these controls do not proactively eliminate vulnerabilities in images that are already in the registry.

As part of our active reconnaissance strategy, the DevSecOps team have gone through all images in Agoda’s registry, looking for vulnerabilities. The results came back with more than…

Jemuel Dalino

Technical Program Manager — DevSecOps at Agoda
