DevOps and Docker Talk: Cloud Native Interviews and Tooling

Trivy and Tracee, Aqua Security Tools

Listen Later

Bret is joined by Anaïs Urlichs of Aqua Security to talk container and Kubernetes security tools like trivy, kube-bench, tracee, and kube-hunter. I've been using trivy for over four years to scan for known vulnerabilities in my own container images and my clients.

We also look at tracee, a new tool that is part of a new generation of tools that use the Linux kernel eBPF feature to investigate what's happening in real time on your servers. Anaïs is great as an explainer of Kubernetes and all cloud native things, and she's the creator of the 100 days of Kubernetes tutorials on her YouTube channel where she breaks down various cloud native topics for beginners. Based on what I've learned in this show from Anaïs, I plan to change how I use trivy so that it's scanning more things and more often in my CI automation pipelines.

Streamed live on YouTube on November 3, 2022.


Unedited live recording of this show on YouTube (Ep #190)

Topics★
Aqua Security Tools
Aqua Security on YouTube
Trivy
Trivy-Operator
kube-bench
tracee
kube-hunter

★Anaïs Urlichs★
Anaïs on Twitter
Anaïs' Newsletter
Anaïs on YouTube
100 Days of Kubernetes

Join my Community
New live course on CI automation and gitops deployments
Best coupons for my Docker and Kubernetes courses
Chat with us and fellow students on our Discord Server DevOps Fans
Grab some merch at Bret's Loot Box

Homepage bretfisher.com

  • (00:00) - DDT MAIN
  • (00:04) - Intro
  • (00:53) - Custom intro
  • (02:28) - Main show
  • (02:32) - Introducing Anais
  • (04:30) - Security Tools
  • (04:56) - What is Aqua Security
  • (06:12) - Not all security scanners are made equal
  • (07:22) - What is Trivy?
  • (08:01) - Misconfiguration scanning with Trivy
  • (12:12) - Security vs Disruption
  • (13:06) - Address vulnerabilities in the base image
  • (14:11) - Question: Operator for Trivy
  • (17:51) - Automating the tool
  • (19:45) - Vulnerability fatigue
  • (20:32) - Question: Go and No-go Criteria
  • (24:13) - Tip Toe, Start Small
  • (25:19) - Kube Bench
  • (26:08) - Kube Hunter
  • (28:09) - What is Tracee?
  • (33:39) - What is the roadmap for implementing these tools?
  • (39:57) - Outro

    • You can also support my content by subscribing to my YouTube channel and my weekly newsletter at bret.news!

    Grab the best coupons for my Docker and Kubernetes courses.
    Join my cloud native DevOps community on Discord.
    Grab some merch at Bret's Loot Box
    Homepage bretfisher.com

    ...more
    View all episodesView all episodes
    Download on the App Store
    DevOps and Docker Talk: Cloud Native Interviews and ToolingBy Bret Fisher
    • 4.6
    • 4.6
    • 4.6
    • 4.6
    • 4.6

    4.6

    53 ratings

    More shows like DevOps and Docker Talk: Cloud Native Interviews and Tooling

    View all
    Software Engineering Radio - the podcast for professional software developers by se-radio@computer.org

    Software Engineering Radio - the podcast for professional software developers

    272 Listeners

    .NET Rocks! by Carl Franklin and Richard Campbell

    .NET Rocks!

    244 Listeners

    The Changelog: Software Development, Open Source by Changelog Media

    The Changelog: Software Development, Open Source

    284 Listeners

    The Cloudcast by Massive Studios

    The Cloudcast

    152 Listeners

    LINUX Unplugged by Jupiter Broadcasting

    LINUX Unplugged

    265 Listeners

    Thoughtworks Technology Podcast by Thoughtworks

    Thoughtworks Technology Podcast

    40 Listeners

    Talk Python To Me by Michael Kennedy

    Talk Python To Me

    590 Listeners

    Software Engineering Daily by Software Engineering Daily

    Software Engineering Daily

    621 Listeners

    AWS Podcast by Amazon Web Services

    AWS Podcast

    201 Listeners

    Python Bytes by Michael Kennedy and Brian Okken

    Python Bytes

    215 Listeners

    Data Engineering Podcast by Tobias Macey

    Data Engineering Podcast

    140 Listeners

    Syntax - Tasty Web Development Treats by Wes Bos & Scott Tolinski - Full Stack JavaScript Web Developers

    Syntax - Tasty Web Development Treats

    987 Listeners

    Kubernetes Podcast from Google by Abdel Sghiouar, Kaslin Fields

    Kubernetes Podcast from Google

    181 Listeners

    The Stack Overflow Podcast by The Stack Overflow Podcast

    The Stack Overflow Podcast

    62 Listeners

    The Real Python Podcast by Real Python

    The Real Python Podcast

    139 Listeners

    Agentic DevOps by Bret Fisher

    Agentic DevOps

    2 Listeners