If it's in a Container it's Secure Right?
Topic: Cloud Security
Abstract: In the talk we will look at the different layers of security that can be applied to a container eco system and the different teams responsibility in the eco system to deliver security.
From the sysadmins point of view how do i make sure the container daemon is secured, what official hardening guides are out there to follow. From an application developers point of view, how does secomp/appapparmor work? To make sure that only the process from the application have access to the host machine. Now that we have the local container secured, how do we make sure our deployments follow the same structure and security profiles. Can we add security checks to our container CD pipeline like we would quality gates? Lastly we will look at from the point of the security team. How can they have input to all the steps we have taken from beginning of the process and not the end. Allowing all the teams to work together breaking down silo to deliver a solution.
Speaker Bio: Scott Coulton, AutoPilot HQ
Scott Coulton is a solutions architect with 10 years of experience in the managed services and hosting space. He has extensive experience in architecture, and rolling out systems and network solutions for national and multinational companies with a wide variety of technologies, including AWS, Puppet, Docker, Cisco, VMware, Microsoft and Linux. His design strengths are in cloud computing, automation and the security space.
OpenStack Australia Day Government - Canberra 2016