![CNCF [Cloud Native Computing Foundation]](https://www.classcentral.com/cdn-cgi/image/height=60,format=auto,quality=85/images/logos/institutions/cncf-cloud-native-computing-foundation-hz.png){kind=small}
Google, IBM & Meta Certificates — All 10,000+ Courses at 40% Off
One annual plan covers every course and certificate on Coursera. 40% off for a limited time.
Get Full Access
Explore the security landscape of open source projects and public registries in this 34-minute conference talk by Ben Hirschberg from ARMO. Dive into groundbreaking research that scans popular open source projects like Grafana, Prometheus, Lens, Helm, and ArgoCD, as well as public registries such as DockerHub, Quay, GCR, and ECR. Discover how these widely-used resources measure up against common compliance frameworks including CIS, MITRE ATT&CK®, NIST, and NSA-CISA. Gain insights into prevalent misconfigurations, the impact of well-known CVEs (exemplified through Log4J), and critical red flags to watch out for when utilizing public resources. Conclude with a comprehensive risk analysis and scoring of these resources, highlighting key security concerns and providing best practices to safeguard your systems and operations in the ever-evolving container ecosystem.
![CNCF [Cloud Native Computing Foundation]](https://www.classcentral.com/cdn-cgi/image/height=40,format=auto,quality=85/images/logos/institutions/cncf-cloud-native-computing-foundation-hz.png){kind=small}
