Markdown Content - OpenStack Smmit 2016: Barcelona: Container Defense in Depth

---
# OpenStack Smmit 2016: Barcelona: Container Defense in Depth

**URL:** https://crunchtools.com/openstack-smmit-2016-barcelona-container-defense-in-depth/
Date: 2016-10-27
Author: fatherlinux
Post Type: post
Summary: This presentation is a 16 slide introduction to what must be thought about when building a production cloud. Proper image management is critical engineering task.Continue Reading "OpenStack Smmit 2016: Barcelona: Container Defense in Depth" →
Categories: Presentations
Tags: Container Engines, Container Tools, Red Hat
Featured Image: https://crunchtools.com/wp-content/uploads/2020/06/Screenshot-from-2020-06-05-20-09-22.png
---

## Abstract

Defense in depth is an information assurance technique used to protect a system from any particular attack through the use of blended countermeasures working together to meet control and governance requirements. In a containerized world, defense in depth is applied by thinking about security within a container, on the container host and at the container platform layer.

This talk will cover numerous technologies and practices at each layer - from kernel quality, SELinux (svirt), SECCOMP, and use of root, to measuring attack surface, patch remediation, and platform level authentication/authorization, these are the droids you are looking for.

This talk will help an end user understand the breadth of tooling that is available at each level and how they will help protect their system from intrusions and compromises.

This talk is focused on an operations and security minded audience. The audience will gain a framework in which to understand and think about the architecture of a containerized environment. This will allow them to better architect their own security guidelines in the context of a containerized environment.

Currently, there is an extreme lack of operational confidence. Everyone is trying to figure out how to apply security best practices in a containerized environment. This presentation will help existing systems administrators, SREs, and security specialists apply security best practices to a containerized environment.

## Presentation

 	- [Google Slides](https://docs.google.com/presentation/d/1Fs32kRG2FhbeO_-WdYSdP2dauepeo_VV5R69Q_xZeYo/edit#slide=id.g167dd20c9e_3_14)

 	- [YouTube](https://www.youtube.com/watch?v=wKT191Ak9fA)

 	- [PDF](http://crunchtools.com/wp-content/uploads/2020/06/The-security-implications-of-running-software-in-containers.pdf)

 	- [Schedule](https://www.openstack.org/summit/barcelona-2016/summit-schedule/global-search?t=container+defense+in+depth)

 	- [The New Stack Blog: Container Defense in Depth](https://thenewstack.io/container-defense-depth/)

---

## Categories

- Presentations

---

## Navigation

- [Home](https://crunchtools.com/)
- [Articles](https://crunchtools.com/category/articles/)
- [Events](https://crunchtools.com/category/events/)
- [News](https://crunchtools.com/category/news/)
- [Presentations](https://crunchtools.com/category/presentations/)
- [Software](https://crunchtools.com/software/)
- [Beaver Backup](https://crunchtools.com/software/beaver-backup/)
- [Check BGP Neighbors](https://crunchtools.com/software/check-bgp-neighbors-nagios/)
- [Chev](https://crunchtools.com/software/chev-check-vulnerabilities-script/)
- [Graph BGP Neighbors](https://crunchtools.com/software/grpah-bgp-neighbors/)
- [Graph MySQL Stats](https://crunchtools.com/software/graph-mysql-stats/)
- [Graph Sockets Pipes Files](https://crunchtools.com/software/graph-sockets-pipes-files/)
- [MCP Servers](https://crunchtools.com/software/mcp-servers/)
- [Petit](https://crunchtools.com/software/petit/)
- [Racecar](https://crunchtools.com/software/racecar/)
- [Shiva](https://crunchtools.com/software/shiva/)
- [About](https://crunchtools.com/about/)
- [Home](https://crunchtools.com)

## Tags

- Container Engines
- Container Tools
- Red Hat