Container Security Fundamentals Part I
Containers are everywhere. Of course, a large part of the appeal of containers is the ease with which you can get started. However, productionizing containers is a wholly different beast. From orchestration to scheduling, containers offer significantly different challenges than VMs.
In particular, in terms of security. Securing and hardening VMs is very different than that for containers.
In this two-part session, we will see what securing containers involves.
We'll be covering a wide range of topics, including
- Understanding Cgroups and namespaces
- What it takes to create your own container technology as a basis of understanding how containers really work
- Securing the build and runtime
- Secrets management
- Shifting left with security in mind
About Raju Gandhi
Raju is a software craftsman with almost 20 years of hands-on experience scoping, architecting, designing, implementing full stack applications.
He provides a 360 view of the development cycle, is proficient in a variety of programming languages and paradigms, experienced with software development methodologies, as well an expert in infrastructure and tooling.
He has long been in the pursuit of hermeticism across the development stack by championing immutability during development (with languages like Clojure), deployment (leveraging tools like Docker and Kubernetes), and provisioning and configuration via code (toolkits like Ansible, Terraform, Packer, everything-as-code).
Raju is a published author, internationally known public speaker and trainer.
Raju can be found on Twitter as @looselytyped.
In his spare time, you will find Raju reading, playing with technology, or spending time with his wonderful (and significantly better) other half.