Malicious Compliance: Reflections on Trusting Container Scanners

The presentation discusses the potential vulnerabilities and limitations of image scanning and S-bomb generation tools in DevOps and cybersecurity, and suggests ways to improve their effectiveness and prevent malicious attacks.

• Image scanning and S-bomb generation tools are sensitive to changes in metadata and the quality of the steps involved in building images, and inconsistent results can cause problems for organizations
• Malicious actors can manipulate the results of these tools, causing downstream effects and potentially compromising security
• To prevent attacks, tool makers should adopt a more adversarial approach and provide a more restrictive mode with detection coverage as the focus
• Users of these tools should check for unusual behavior, validate inputs and processes, and consider their threat model when making policy decisions
• Teams should work together to achieve larger goals and reduce toil

The speaker shared an anecdote about how their team chose the approach of malicious compliance to avoid the extra work and development friction caused by the increasing number of scans and results needing resolution. This adversarial relationship with the security team could have been prevented if the teams had worked together to achieve larger goals and considered their threat model when making policy decisions.

A commonly recommended best practice for security and compliance is to scan container images for vulnerabilities before allowing them to run inside a cluster. Many organizations codify allow/deny policies based on the results of these scans, using this policy-as-code approach to form the basis of trust. But what exactly are container scanners looking for? And can you always trust the results? Let’s break this down layer by layer, from an attacker perspective. Why do certain changes in the way images are built produce wildly varying results? Can the flexibility in how container images are built and distributed be used to alter or prevent scanning tools from being able to fully understand what's in a container? How might clever image builders use these tricks to avoid scrutiny from these tools? Join the hacker crew known as SIG-Honk, and let’s have some fun! Ian Coldwater, Duffie Cooley, Brad Geesaman, and Rory McCune will demonstrate some creative ways to intentionally bypass container image analysis and admission control detection. Attendees will walk away with a greater understanding of the limitations of tooling used to validate images, and learn how to create better security policies in their own environments. The results may surprise you!