Containers: Your Ally in Improving Security

Presented at BSidesSF 2019, March 4, 2019, 2:50 p.m. (30 minutes).

Developers are now building, configuring, and deploying their own services on Kubernetes and Docker. Yikes! All three offer lots of built-in security tactics. Let's explore how to automate and determine configurations like: - Read-only filesystem - Linux capabilities and seccomp profiles - Limiting cross-container communications Using Kubernetes metadata and syscall data, we can systematically configure our services as opposed to simply turning these features on and hoping that we haven't broken our deployments.

Presenters:

  • Connor Gilbert - StackRox
    Connor Gilbert is a senior product manager at StackRox, a Kubernetes security company. He has presented at BSides SF, Google Next, and Cloud Native Rejekts; hosted Cloud Native Computing Foundation (CNCF) webinars; and published CNCF blogs on cloud-native security topics. Connor was previously principal architect at StackRox and a security research scientist at Qadium (now Expanse), where he built tools to uncover network perimeter exposures and conducted DARPA Internet security research. He holds degrees in computer science from Stanford University. Connor first discovered Kubernetes in 2015 and has been using it ever since.
  • Connor Gorman - StackRox
    Connor Gorman is a Staff Software Engineer at StackRox, where he designs and builds the StackRox Kubernetes Security Platform. Lately, he has focused on helping users understand the complete risk context for their Kubernetes workloads and enabling them to implement effective security controls to mitigate those risks. Previously, he revamped significant parts of Medallia’s worldwide data-center and application deployment architecture.

Links:

Similar Presentations: