Containers, Reuse and Security:
What’s in Your Wallet?
Mitch Engel
ACT40T
ACCELERATOR ZONE
Founder
BlueLantern.io

For more information on CA Accelerator, please visit: ca.com/accelerator

Published in: Technology

Containers, Reuse and Security: What’s in Your Wallet?

  1. Containers, Reuse and Security: What’s in Your Wallet?
     Mitch Engel
     ACT40T
     ACCELERATOR ZONE
     Founder
     BlueLantern.io
  2. COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED #CAWORLD #NOBARRIERS
     © 2017 CA. All rights reserved. All trademarks referenced herein belong to their respective companies. The content provided in this CA World 2017 presentation is intended for informational purposes only and does not form any type of warranty. The information provided by a CA partner and/or CA customer has not been reviewed for accuracy by CA.
     For Informational Purposes Only
     Terms of this Presentation
  3. Abstract
     Using containers to accelerate application development, but have security concerns? Want to improve reuse ability and decrease your risks at the same time? Looking to improve production application security? In this session we’ll explore containers and their security concerns for both public and private registries. We’ll discuss DevSecOps, examine the different vulnerability techniques, where they fit into the development lifecycle and how binary scanning for containers can improve your security profile, allow you to shift from reactive to proactive detection and help increase your confidence level in production.
     Mitchell Engel
     BlueLantern.io
     Founder
  4. Agenda
     1 CONTAINERS AND SECURITY CONSIDERATIONS
     2 SECURITY TECHNIQUES AND THEIR USAGE
     3 EARLY ADOPTERS
     4 DEVSECOPS – SECURITY INTERSECTS WITH DEVOPS
     5 BLUELANTERN AND YOUR CONTAINERS
     6 DISCUSSION – THOUGHTS AND FEEDBACK
  5. Containers and Security Considerations
     ▪ What’s in a container
       – Layer hierarchy - yours, mine and ours…
     ▪ A day in the life of a container
       – Images, number of, dynamics, transiency, updates, etc.
     ▪ Is isolation a concern?
       – Containers, VMs, segmentation, etc.
     ▪ What’s in those public and private repositories
     Are they more or less secure?
  6. Security Techniques and Their Usage
     ▪ Static techniques – left biased dev / test
       – Code reviews, source analysis, composition analysis, vulnerability assessment, signing, configuration and access
     ▪ Run time – right biased test / stage / production
       – Dynamic, Interactive, Runtime Application Self-protection
     ▪ Process and Governance
       – Education, policy enforcement, threat modeling, automated security, gates and acceptance, secrets, OS hardening
     Tactics for Risk Mitigation
  7. DevSecOps – Security Intersects With DevOps
     ▪ Instilling security throughout the SDLC
       – “That’s an Operations problem”
       – “I wish those SecOps guys would leave me alone”
     ▪ The right technique and when to use it
       – There is no one size fits all
     ▪ Is proactive better than reactive?
       – Treat exposures like a bug
     Security Is Everyone’s Responsibility
  8. BlueLantern and Your Containers
     ▪ Proactive security
       – Composition and configuration analysis
       – Source-less vulnerability assessment (CVE / CWE detection)
       – Tracking and auditing
       – Risk profiling
       – Shifted both left and right in the SDLC
     ▪ Intelligent run time
     ▪ Adapted in the context of containers
     Deep Scanning
  9. Discussion
     ▪ Primary security concerns with containers?
     ▪ Host your own container registries?
     ▪ Use other vendor registries?
     ▪ What does “official” or “certified” mean to you?
     ▪ Most effective strategy against exploits?
     ▪ Who in your organization is responsible for security?
     Thoughts and Feedback
  10. Experiences
     Help evolve our approach to security as containers continue to gain widespread growth and increasing presence in production environments.
     Key Topics
     Containers offer competitive differentiation in the modern software factory but speed and agility exacerbate security concerns.
     Findings
     Proactively addressing published and unpublished exposures early in the SDLC is a powerful advantage as part of a holistic security strategy with containers.
     Summary
     A Few Words to Review
  11. Check these out on SlideShare if you didn’t see them live…
     SESSION # | TITLE | DATE/TIME
     DST38T | Shifting Security to the Left—Watch End-to-End DevSecOps Solution in Action | 11/15/2017 at 4:15 pm
     DST50T | How Components Increase Speed and Risk | 11/15/2017 at 1:45 pm
     ACT37T | Docker and Microservice Jeopardy! | 11/16/2017 at 11:30 am
  12. Yipee.io
     Visual Modeling For Microservice Applications
     CA Accelerator Zone
     Must See Demos
     BlueLantern.io
     Securing Containers Through Intelligent Scanning
     CA Accelerator Zone
  13. Questions?
  14. Stay connected at communities.ca.com
     Thank you.
  15. CA Accelerator
     For more information on CA Accelerator, please visit: ca.com/accelerator
