Explore container patch management strategies in this 30-minute conference talk from BSidesSF 2019. Learn how containerization changes traditional patching approaches, moving from virtual machines to immutable, short-lived containers in production environments. Discover the benefits of continuous container image rebuilding and redeployment, which integrates patching into the regular code rollout process. Gain insights into best practices for maintaining container images and patches within image registries, and understand how companies like Google leverage containerized infrastructure to patch critical vulnerabilities without downtime. Delve into topics such as Kubernetes, software supply chain security, blue-green deployments, and live migration techniques. Examine real-world examples and demonstrations that illustrate the advantages of container-based patch management over traditional methods.
Overview
Syllabus
Intro
Overview
Containers Kubernetes
Traditional Software Supply Chain
Supply Chain
Containers
Container Patch Management
The Takeaway
Poll
Inspection
Demo
Blue-Green Deployment
Live Migration
Taught by
Security BSides San Francisco