Security Symposium 2020: Virtual: Live Panel: Containers and Kubernetes Security

Security Symposium 2020: Virtual: Live Panel: Containers and Kubernetes Security

This presentation is a 16 slide introduction to what must be thought about when building a production cloud. Proper image management is critical engineering task.

Security Symposium 2020: Virtual: The Security Implications of Running Software in Containers

Security Symposium 2020: Virtual: The Security Implications of Running Software in Containers

This presentation is a 16 slide introduction to what must be thought about when building a production cloud. Proper image management is critical engineering task.

A Concise Introduction to DevSecOps

Why Should I Care About DevSecOps? Are you a frustrated security professional, trying to get your organization to change (aren’t we all)? Or perhaps, you are trying to get management to value security more? Or maybe, you are a security conscious Developer (wait, do those actually exist? Yes, yes, they do) or Sysadmin who knows

What is sVirt and How Does it Isolate Linux Containers?

What is sVirt and How Does it Isolate Linux Containers?

Background What is sVirt and, why does it matter for your containers? The short answer is, because sVirt is another layer of security and defense in depth is a good approach to security. The longer answer is, sVirt dynamically generates an SELinux label for every single one of your containers, which makes them less likely

OpenStack Summit 2018: Vancouver: Engineering Container Security: Addressing the Unique Security Challenges of Containers at Scale in a Multi-Cloud World

OpenStack Summit 2018: Vancouver: Engineering Container Security: Addressing the Unique Security Challenges of Containers at Scale in a Multi-Cloud World

This presentation is a 16 slide introduction to what must be thought about when building a production cloud. Proper image management is critical engineering task.

LinuxCon+ContainerCon Europe 2016: Berlin: Container Defense in Depth

LinuxCon+ContainerCon Europe 2016: Berlin: Container Defense in Depth

This presentation is a 16 slide introduction to what must be thought about when building a production cloud. Proper image management is critical engineering task.

LinuxCon+ContainerCon Europe 2016: Berlin: Taming Container Fears

LinuxCon+ContainerCon Europe 2016: Berlin: Taming Container Fears

This presentation is a 16 slide introduction to what must be thought about when building a production cloud. Proper image management is critical engineering task.

Red Hat Summit 2016: San Francisco: Secure Your Enterprise Software Supply Chain with Containers

Red Hat Summit 2016: San Francisco: Secure Your Enterprise Software Supply Chain with Containers

This presentation is a 16 slide introduction to what must be thought about when building a production cloud. Proper image management is critical engineering task.

Securing Docker Containers with sVirt and Trusted Sources

Securing Docker Containers with sVirt and Trusted Sources

Background As has been stated before, Docker containers do not contain all of the parts of the operating system necessary to be considered secure. That said, the advantages of using them is so compelling that many companies, large and small, have began to investigate how to run containers in a production environment. I would argue

OpenSSL Certificate Authority

Background Recently, I discovered how to use the openssl provided CA script to create a certificate authority and self signed certificates. Traditionally, I had ran all fo the commands manually. When using the CA script it is critical to understand the underlying security concepts. Certificate Authority Openssl has infrstructure to create a long lived Certificate