all InfoSec news
Patching an OS is easy, but dealing with OSS vulnerabilities is hard
March 6, 2023, 12:08 p.m. | /u/Xeteskian
cybersecurity www.reddit.com
We're currently using AWS enhanced scanning to inspect our images, and while our base images may be continually patched and secure, as soon as one of our developers modify it via Dockerfile and a language specific package manager, our security hub will often light up with 7.0+ CVSS and CVE's.
We also pull images from private repos of 3rd …
address aws base code cybersecurity developers hard high images language manager may open source organisation oss package package manager patching question risk scanning security software solutions vulnerabilities
More from www.reddit.com / cybersecurity
Jobs in InfoSec / Cybersecurity
Azure DevSecOps Cloud Engineer II
@ Prudent Technology | McLean, VA, USA
Security Engineer III - Python, AWS
@ JPMorgan Chase & Co. | Bengaluru, Karnataka, India
SOC Analyst (Threat Hunter)
@ NCS | Singapore, Singapore
Managed Services Information Security Manager
@ NTT DATA | Sydney, Australia
Senior Security Engineer (Remote)
@ Mattermost | United Kingdom
Penetration Tester (Part Time & Remote)
@ TestPros | United States - Remote