Why should developers care about container security? | Mirantis Labs – Tech Talks


Register now for next week’s Tech Talk: https://labs.mirantis.com/events/details/mirantis-developer-community-tech-talks-presents-what-is-a-service-mesh-learn-how-to-get-started-with-it/
Full Tech Talk calendar: https://labs.mirantis.com/events/#/calendar

Why, exactly, should I care about things like Dockerfile image users and read-only filesystems? Why do people keep harping on image sizes? What do CPU and RAM limits have to do with appsec?

In this session, we’ll not only answer these questions but will demonstrate what can happen when they are ignored! This presentation is for developers and their leaders curious about the unique security implications of running in containers and how to take a proactive approach toward securing their development practices.

CHAPTERS
0:00 – Introduction & agenda
3:29 – DevOps vs DevSecOps: DevOps
7:06 – DevOps vs DevSecOps: DevSecOps
12:57 – Live Demo: security implications when running containers
28:24 – Live Q&A: has the recent Spring vulnerability been resolved?
29:21 – The DevOps feedback loop
30:10 – Defense in depth: best practices & tooling to consider
45:17 – Review: key takeaways from today’s talk
46:20 – Helpful resources discussed today
47:12 – A quick look ahead to next week’s Tech Talk
48:20 – Live Q&A: is there a solution to scan Docker containers in Runtime?
50:20 – Live Q&A: what tools do you recommend to see if your K8s clusters meet security requirements?
52:47 – Outro


Duration: 00:53:53
Publisher: Mirantis
You can watch this video also at the source.