Practical End-to-End Container Security at Scale • Yashvier Kosaraju • GOTO 2020
About this talk
This presentation was recorded at GOTO Chicago 2020. #GOTOcon #GOTOchgo http://gotochgo.com Yashvier Kosaraju - Product Security Expert at Twilio Inc. ABSTRACT Deploying containers using Kubernetes has become the new defacto deployment standard most companies are turning towards. Developing with containers is very different from traditional development practices and so is securing these containers & deployments. Traditional approaches of security do not scale well with the high paced container world. Automation and CI-CD integrations are more effective ways of keeping your containers secure without slowing your development practices. In this talk we will look at different security checks you can place at various points within your SDLC [...] TIMECODES 00:00 Intro 00:44 Agenda 01:16 Why? 01:41 What does practical security mean? 02:29 Why do traditional approaches not work? 03:20 Container pipeline 04:20 Securing container pipeline 04:43 Base image security 07:35 Container registry security 10:33 Vulnerability scanning 13:21 Docker Daemon security 14:05 Docker runtime security 14:34 Docker CIS benchmark 15:03 Kubernetes CIS benchmark 15:12 Logging & alterting 15:43 Realtime alerting in containers 15:58 Issues at scale 17:22 Helpful resources Download slides and read the full abstract here: https://gotochgo.com/2020/sessions/1273/practical-end-to-end-container-security-at-scale RECOMMENDED BOOKS Aaron Parecki • OAuth 2.0 Simplified • https://amzn.to/2A3IMOf Aaron Parecki • OAuth 2.0 Servers • https://amzn.to/3ecHEsz Aaron Parecki • The Little Book of OAuth 2.0 RFCs • https://amzn.to/3i7qnlC Erdal Ozkaya • Cybersecurity: The Beginner's Guide • https://amzn.to/2T6OIj3 Richer & Sanso • OAuth 2 in Action • https://amzn.to/3hXiAH6 Wilson & Hingnikar • Demystifying OAuth 2.0, OpenID Connect, and SAML 2.0 • https://amzn.to/2U8iLY2 https://twitter.com/GOTOchgo https://www.linkedin.com/company/goto- https://www.facebook.com/GOTOConferences #Containers #Security #Backend #Programming #SoftwareArchitecture #k8s #Kubernetes #SDLC Looking for a unique learning experience? Attend the next GOTO conference near you! Get your ticket at http://gotocon.com SUBSCRIBE TO OUR CHANNEL - new videos posted almost daily. https://www.youtube.com/user/GotoConferences/?sub_confirmation=1
Topics covered
Stay Updated
Get notified about new features and conference additions.
