This document summarizes Justin Cormack's talk on security at DevOpsDays London. It discusses how developers and operations teams can work together to improve security by clearly defining what access and permissions each service or microservice requires. It provides examples of pledge and Content Security Policy for limiting actions and access. It also discusses how containers provide a secure environment through mechanisms like namespaces, capabilities, and seccomp profiles. The talk argues for making security configurations easier to define, more uniform across tools, and correlated so different options can be set together for whole roles or types of services.