Three Perspectives on the Evolution of Container Security – InApps Technology is an article under the topic Devops Many of you are most interested in today !! Today, let’s InApps.net learn Three Perspectives on the Evolution of Container Security – InApps Technology in today’s post !
Read more about Three Perspectives on the Evolution of Container Security – InApps Technology at Wikipedia
You can find content about Three Perspectives on the Evolution of Container Security – InApps Technology from the Wikipedia website
There still exists a kind of chasm in the broader software community between the people who are building new application containers today, and the people sandwiched in the middle of the phrase “DevSecOps” whose job is to keep the risk managers at bay. At issue is the very definition of security in a distributed, microservices-driven environment. Infosec professionals demand that containers, wherever they are, be secured. Developers say, that’s not the point: Containers are not virtual machines, and are designed to be ephemeral.
Never mind that, respond the infosec people. We have compliance mandates to maintain, and if it doesn’t look like those containers aren’t being secured, then from the risk people’s perspective, we may as well have posted all our passwords on 4chan.
To get a clearer picture of how the newest entrants in the container space are addressing the problem of keeping up both security and the appearance of security, we spoke with John Morello, CEO of security platform maker Twistlock, Liz Rice, an engineer at security integration firm Aqua Security, and Amir Sharif, founder of cloud-native security provider Aporeto. We met these folks at the most recent DockerCon event, for this edition of InApps Technology Makers.
Also available on Apple Podcasts, Google Podcasts, Overcast, PlayerFM, Pocket Casts, Spotify, Stitcher, TuneIn
6:53: How Twistlock uses machine learning in containerised applications.
8:42: Security policy implementation and Twistlock’s model rules.
20:18: Discussing container security exploits from Rice’s talk on namespaces and C-Groups.
26:52: Exploring DevSecOps in the enterprise.
32:56: Aporeto co-founder Amir Sharif on container security in development.
37:08 The benefits to automating application security.
Aporeto and Twistlock are sponsors of InApps Technology.
Let’s create the next big thing together!
Coming together is a beginning. Keeping together is progress. Working together is success.