While it is a standard practice to scan container images during the build process, it doesn’t foolproof in securing an Amazon EKS cluster from runtime threats. Some of the common scenarios where runtime threats emerge due to images include:

• Images that passed scan during the build phase but harbor vulnerabilities days or weeks later.
• Third-party images pulled from public registries, that often bypass the build pipeline scanning
• One-off images outside of app development pipeline for emergency patches to fix critical bugs.
• Existing workloads in runtime within a cluster that lack image scanning or container runtime tools.

To address and remediate these security gaps during runtime, this webinar will provide a deep dive into how Calico Cloud offers an out-of-box in-cluster real-time image scanning for Amazon EKS clusters. In this webinar, you will learn:

• The limitations of build-time image scanning and why runtime scanning is crucial for maintaining a secure Amazon EKS cluster.
• How Calico Cloud’s in-cluster image scanner operates, its setup simplicity, and how it fills the security gaps in your existing or new Amazon EKS clusters.
• Demonstrations on how to utilize Calico Cloud’s in-cluster image scanner for real-time vulnerability detection and remediation.