September 13-16, 2022
Dublin, Ireland + Virtual
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit Europe 2022 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Irish Standard Time (UTC +1). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.

Back To Schedule
Thursday, September 15 • 11:00 - 11:40
Zero-Configuration Runtime Software Component Detection - Inhyeok Jang, The Affiliated Institute of ETRI

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
SBOM has received significant attention due to recent incidents. Therefore, you can find many related tools and resources for generating it. However, detecting information about software running in an operating environment remains an unresolved problem. Although Apache patched the Log4Shell vulnerability last year, many applications and systems are still vulnerable. It becomes more challenging to detect and fix when an application embeds a vulnerable software component buried in long dependency chains. In this talk, Inhyeok Jang finds out how to determine whether vulnerable software is running on your systems and applications. In particular, he uses eBPF to detect which version of the software of interest, such as Log4j and Spring Core, from the running system without an initial configuration for each application. To this end, he will show what information needs to be obtained from the kernel when executing the java application. He also introduces how to process the data collected from the Linux kernel in the userspace to find out Java Archive information such as title and version. Using the implemented runtime java component detector, he verifies whether the vulnerable version of the component is used in the container images in a public repository and talks about the result.


Inhyeok Jang

Senior Researcher, The Affiliated Institute of ETRI
Inhyeok Jang is a senior security researcher at the Affiliated Institute of Electronics and Telecommunications Research Institute. He has a particular interest in container runtime security, currently focusing on kernel instrumentation using eBPF.

Thursday September 15, 2022 11:00 - 11:40 IST
Liffey Meeting Room 3 (Level 1)