Nailing Container Security in your CI/CD Pipeline |
Abstract
Are your application teams going rogue and using containers in an uncontrolled manner? Or have you avoided adoption because containers are new & scary? Or are you just not sure where the threats are yet? If so, then this is the talk for you. A dense talk on the securing of containers from the perspective of a highly regulated entity. Firstly we look at the evolving maturity of containers, then we deep dive into the various layers in the technology stack. We discuss options for on-premise use of containers as well as in cloud. From there we go through the threats at each layer and, importantly, the solution to address them. We also touch on the changes in processes security & asset teams need to adopt to succeed in securing a container stack. |