As organisations look to move to containers, many think of containers as “another type of virtualisation”, and assume that the key questions to ask are the same as those for VMs. This session will explain how container security is much more than just “execution isolation”, and goes to the heart of the CI/CD and DevOps lifecycle. A true understanding of container security also considers processes, tools and – vitally important, but often neglected – culture. Without a true integration into business processes, and an embracing of automation as central to security, container adoption can prove more damaging than beneficial: this session will share examples of how it can work.
Understanding of basic CI/CD and lifecycle concepts
Objective of the talk:
Understand the key differences between containers and VMs/hypervisors
Discover various security considerations for CI/CD and DevOps
Consider how security must be “baked in” to container lifecycles
Examine the various types of security processes that can be adopted
Learn from industry examples