Containers can actually improve your security story
Maya Kaczorowski explores how containers offer a fundamentally different, possibly better, security model than you're used to. They enable you to patch your environment more easily, identify when you're affected by a new vulnerability, and enforce governance for what is deployed in your environment.
| Talk Title | Containers can actually improve your security story |
| Speakers | Maya Kaczorowski (Google) |
| Conference | O’Reilly Velocity Conference |
| Conf Tag | Building and maintaining complex distributed systems |
| Location | San Jose, California |
| Date | June 11-13, 2019 |
| URL | Talk Page |
| Slides | Talk Slides |
| Video | |
Adopting containers can be intimidating to anyone, but if you’re on the security team, it can feel like yet another technology that you’re now responsible for. Containers are meant to be short-lived, frequently redeployed, and immutable. They enable you to patch your environment more easily, identify when you’re affected by a new vulnerability, and enforce governance for what is deployed in your environment—containers provide a fundamentally different security model, and that’s a good thing. Maya Kaczorowski covers how containers change your development pipeline and how this helps, rather than hurts, your overall security model. She dives into how this specifically helps with vulnerability discovery, securing your software supply chain, and isolation. You’ll leave able to engage your security team on how to better do DevSecOps or continuous security.
