CNCF On-Demand Webinar:Rethinking your company’s cloud security in shadow of the SolarWinds attack

CNCF Online Programs
Mar 4 - 10, 12:00 AM (PST)

About this event

The SolarWinds cyber-attack is probably the most sophisticated and damaging nation-state cyber campaign we have seen in recent years. A key factor in the attack was the ability of the attackers to have their code digitally signed and approved by compromising the SolarWinds software supply chain. While breaching the SolarWinds supply chain was a complicated task, most of the cloud workloads used today come from much weaker supply chain sources such as DockerHub and GitHub Repositories. With recent research showing more than 50% of DockerHub images containing malware, it is almost inevitable that similar backdoors to the one seen at SolarWinds either already exist or will soon compromise additional cloud environments. While it initially seemed to be an attack focused solely on on-prem networks, it is now quite clear that it’s a new form of hybrid cyber-attack involving both on-premises and cloud-native assets. This type of attack exploits existing vulnerabilities and utilizes advanced techniques to keep under the radar of existing detection tools. In this webinar, we will analyze the SolarWinds attack to better understand the vulnerabilities of cloud-native environments, such as Kubernetes. We will then enumerate effective measures to eliminate or mitigate the risks inherent in cloud environments.

Featured Presentation

Speakers

  • Amir Kaushansky

    Amir Kaushansky

    ARMO

    VP Product

  • Leonid Sandler

    Leonid Sandler

    ARMO

    CTO


  • Organizers

  • Ihor Dvoretskyi

    Ihor Dvoretskyi

    Cloud Native Computing Foundation

    Organizer

    View Profile
  • Kristi Tan

    Kristi Tan

    CNCF

    Organizer

    View Profile
  • Chris Aniszczyk

    Chris Aniszczyk

    Linux Foundation (CNCF)

    Organizer

    View Profile
  • Libby Schulze

    Libby Schulze

    CNCF

    Organizer

    View Profile