CI/CD/CS: implementing continuous security across your delivery pipeline and at run-time

Continuous Delivery helps you keep your software and Docker images updated and deploy new versions to production easily. Microservices are great at reducing the attack vector and limiting the privileges or credential access of each piece of your application. Containers provide an opportunity to implement better security: they are small, immutable, and single-process and single-purpose.

In this session, we will explore real use-case examples of how to make your CI/CD pipeline interact with Docker security tools. But security doesn’t stop where your deployment pipeline ends. How can we prepare for 0-days and policy violations that happen at run-time? Can we make it part of the CI/CD process?

Required audience experience

Medium to experienced in Docker and security

Objective of the talk

You will walk away having learned:

  • how to optimize a CI/CD pipeline for container security
  • how container static scanning compares with run-time analysis
  • examples and specific use cases where this is definitely useful
  • some tools that can help you with this: Jenkins, Blue Ocean, Clair, Sysdig

Track 2
Location:
Date: May 17, 2018
Time: 2:30 pm - 3:15 pm
Jorge Salamero, Sysdig