E09: Vulnerability Scanners

Vulnerability scanning — a decade ago it was a novel and indispensible tool for discovering any vulnerabilities in your fleet. Today, more often than not, these scanners are seen as a necessary evil and more a source of aggravation than actually beneficial. According to CVE.org, in 2015 there were under 6500 CVEs assigned. In 2024 that number was over 40000, a 515% increase in under ten years. With the proliferation of containers, a single CVE can “affect” one entity once or tens of thousands of times. Given the volume and ever-growing compute landscape, are vulnerability scanners still our best path …