CatSalad🐈🥗 (D.Burch) 
@cR0w @malwareminigun @crow This shirt, but with cR0w
Jun 18 at 6:04pmWeb
Show threadJim FlanaganJun 18
@catsalad @cR0w @malwareminigun @crow Do we care what Infosec says? Are we caring about that?
Show threadBilly O'NealJun 18

@jimfl @catsalad @cR0w I can assure you that our compliance folks VERY MUCH care about that. And have automated scanners that look at our container registries and scream at us if any tag isn't patched.

(To be clear, I agree with this behavior by default. I just wish there was a distinction between 'build lab' containers and 'web serving' containers because those are very different threat environments)

×
CatSalad🐈🥗 (D.Burch) Jun 18
@cR0w @malwareminigun @crow This shirt, but with cR0w
Show threadJim FlanaganJun 18
@catsalad @cR0w @malwareminigun @crow Do we care what Infosec says? Are we caring about that?
Show threadBilly O'NealJun 18

@jimfl @catsalad @cR0w I can assure you that our compliance folks VERY MUCH care about that. And have automated scanners that look at our container registries and scream at us if any tag isn't patched.

(To be clear, I agree with this behavior by default. I just wish there was a distinction between 'build lab' containers and 'web serving' containers because those are very different threat environments)