Get the Skills you need from Home with SANS OnDemand


To attend this webcast, login to your SANS Account or create your Account.

How to do Vulnerability Management for Containers

  • Friday, October 26th, 2018 at 1:00 PM EDT (17:00:00 UTC)
  • Apurva Dave and Dave Shackleford
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.


  • Sysdig

You can now attend the webcast using your mobile device!


Development today is more rapid, dynamic, and distributed, with pressure to build and adapt to change as quickly as possible. Security is often left until later in the cycle, leading to vulnerabilities after going into production. With the rise of containers and continuous development (CI/CD),organizations have no choice but to bring application security, compliance, and quality closer to the developer. In this webinar, we will cover practical, reliable steps to ensure your applications are secure before they ever go into production. We'll cover:

  • How can I implement image scanning for containers?
  • How can I prevent images with known vulnerabilities from entering production?
  • What do I do once applications are actually in production? How do I ensure that those applications stay vulnerability-free?

Speaker Bios

Apurva Dave

Apurva is the CMO at Sysdig. Hes in marketing and (gasp!) not afraid of a command line. Hes been helping people analyze and accelerate infrastructure for the better part of two decades. He previously worked at Riverbed on both WAN acceleration and Network Analysis products, and at Inktomi on infrastructure products. He has a computer science degree from Brown University and an MBA from UC Berkeley.

Dave Shackleford

Dave Shackleford, a SANS analyst, instructor, course author, GIAC technical director and member of the board of directors for the SANS Technology Institute, is the founder and principal consultant with Voodoo Security. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering. A VMware vExpert, Dave has extensive experience designing and configuring secure virtualized infrastructures. He previously worked as chief security officer for Configuresoft and CTO for the Center for Internet Security. Dave currently helps lead the Atlanta chapter of the Cloud Security Alliance.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.