Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Why You Need to Rethink Container Security

367 views

Published on

Security is holding back container adoption in production. By rethinking security, as it applies to production container deployments, we can actually expedite the adoption of containers in production deployments.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Why You Need to Rethink Container Security

  1. 1. WHY YOU NEED TO RETHINK CONTAINER SECURITY Sasan Padidar FlawCheck
  2. 2. SASAN PADIDAR FOUNDER & CTO Former Chief Architect of Appthority, in charge of helping Appthority scale up mobile app program analysis from thousands of apps to millions of apps MS in CS with a focus on Concurrency Theory, Theorem Proving, and Static Analysis Previous experience working as a consultant to One King’s Lane, Facebook, and Google, to help them scale up 6 cybersecurity patents (additional in progress) Thursday, January 14, 2016 CONFIDENTIAL & PROPRIETARY. COPYRIGHT 2016 © FLAWCHECK INC. ALL RIGHTS RESERVED 2
  3. 3. HOW CAN WE EXPEDITE CONTAINER ADOPTION? Thursday, January 14, 2016 CONFIDENTIAL & PROPRIETARY. COPYRIGHT 2016 © FLAWCHECK INC. ALL RIGHTS RESERVED 3
  4. 4. WHY YOU NEED TO RETHINK CONTAINER SECURITY Being able to trust images & containers is key Current security products are not designed for container ecosystems Scalability is critical Products serving containers need to be agile and flexible Security products need to integrate tightly with the SDLC Thursday, January 14, 2016 CONFIDENTIAL & PROPRIETARY. COPYRIGHT 2016 © FLAWCHECK INC. ALL RIGHTS RESERVED 4
  5. 5. BEGIN TO TRUST IMAGES Thursday, January 14, 2016 CONFIDENTIAL & PROPRIETARY. COPYRIGHT 2016 © FLAWCHECK INC. ALL RIGHTS RESERVED 5
  6. 6. FLAWCHECK PRIVATE REGISTRY Scalable solution for detecting vulnerabilities & malware in containers Takes seconds per container (supports parallelization & concurrent analysis for limitless scale) Runs in the public cloud, private cloud, on-premise, and air-gapped Supports Docker and all major cloud & on-premise CI/CD platforms Checks containers before containers reach production environments Provides continuous monitoring of protected containers Checkpoint inserted into the data pipeline to layer policy on top of containers Thursday, January 14, 2016 CONFIDENTIAL & PROPRIETARY. COPYRIGHT 2016 © FLAWCHECK INC. ALL RIGHTS RESERVED 6
  7. 7. DEMO: TEARING APART CONTAINERS What did we find? Thursday, January 14, 2016 CONFIDENTIAL & PROPRIETARY. COPYRIGHT 2016 © FLAWCHECK INC. ALL RIGHTS RESERVED 7
  8. 8. THANK YOU Sasan Padidar Founder & CTO spadidar@flawcheck.com @spadidar Are you using Docker in development environments but concerned about the security of running it in production? Register today for FlawCheck Private Registry’s free plan, which includes vulnerability & malware inspection services for 1 private repository: https://console.flawcheck.com/register Thursday, January 14, 2016 CONFIDENTIAL & PROPRIETARY. COPYRIGHT 2016 © FLAWCHECK INC. ALL RIGHTS RESERVED 8

×