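"Automate vulnerability remediation for containers running in AWS [Repeat].pdf" was shared by a member and can be read online. For more related to "Automate vulnerability remediation for containers running in AWS [Repeat].pdf (12-page collector's edition)", search on 三个皮匠报告.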
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.

SEC332-R
Automate vulnerability remediation for containers running in AWS
Kim Banga (he/him), Solutions Architect, AWS
Owen Hawkins (he/him), Principal Solutions Architect, AWS

Agenda
Container Security Overview on AWS
Container Image Vulnerability Management
Remediation and Automation
Discussion & Whiteboarding
Q&A

Are you running container workloads in production?

AWS managed container services
Management: Deployment, scheduling, scaling, and management of containerized applications. Amazon Elastic Container Service (Amazon ECS), Amazon Elastic Kubernetes Service (Amazon EKS)
Hosting: Where the containers run. Amazon EC2, AWS Fargate
Image registry: Container image repository. Amazon Elastic Container Registry (Amazon ECR)

Ok - But How Do We Get To Self-Healing?
Workload Health: Workload health (EKS/Kubernetes): liveness/readiness/startup probes + rolling updates/rollback. Amazon Elastic Container Service (Amazon ECS), Amazon Elastic Kubernetes Service (Amazon EKS)
Image Health: Image health (ECR + Inspector): continuous image + workload-aware scans trigger rebuild and redeploy. Amazon Elastic Container Registry (Amazon ECR), Inspector
Supply Chain Trust: Signer. Amazon Signer

Amazon Confidential and Trademark.

Container Vulnerability Management: Shift left with Amazon Inspector
Amazon Inspector sca