
Watching the Watchers: The Hidden Risks of Container Scanning Tools

As organizations increasingly utilize container images for their production workloads, securing them becomes more critical. What happens if the vulnerability scanners used to scan these images contain vulnerabilities themselves? This talk will explore the hidden risks associated with container vulnerability scanning tools and how to mitigate these potential threats.

Container vulnerability scanning tools, like any other software, can have vulnerabilities. If not regularly updated and patched, they can become targets for attackers who exploit these weaknesses to compromise critical systems. These tools also often require elevated privileges, which can lead to misuse or unauthorized access and pose significant security risks.

In this session, you'll learn about:
- False positives and false negatives
- Identifying dependency issues
- Strategies for isolation and segmentation
- Secure configurations
- Managing permissions and access
- Applying defense-in-depth strategies

Chad M. Crowell

Platform Engineer at Civo, CNCF Ambassador, Speaker, and Author

Austin, Texas, United States
