I Didn't Register for This - What's Really in Google's Artifact Registry?

Discover critical security vulnerabilities and exposed secrets found in Google-owned container images through comprehensive scanning of Google's Artifact Registry in this 25-minute conference talk by Moshe Bernstein, Senior Security Researcher at Tenable Cloud Security. Learn about the alarming security findings uncovered during systematic vulnerability research of container images that organizations commonly deploy from Google's official registry. Explore the implications of these discoveries for cloud infrastructure security and understand the potential risks associated with using seemingly trusted container images. Gain insights into the methodology used to scan and analyze these images, and understand how these vulnerabilities could impact your organization's security posture when deploying Google-provided containers in production environments.