Containers Layer by Layer

Presented by

Dane Grace, Technical Product Manager - VRM at Rapid7

About this talk

Many organizations have adopted or are currently adopting containerization as a strategy for deploying their applications. This provides numerous benefits but also presents challenges when security is taken into consideration, the least of which is tool sprawl. This is exemplified by the fact that a single Docker container could be run on the serverless container services of any of the big cloud providers, as well as on a Docker host installed on a PC running under a developer’s desk. Moreover, vulnerabilities present on the operating system host, the container host, or the container workload itself all present attack surfaces for bad actors to leverage against organizations. This raises the question: how do security teams gain confidence that they are addressing vulnerabilities across these tools in a holistic manner? They need to be sure that they are addressing vulnerabilities across the host operating system (where available), the container host, and the container workload itself. Moreover, they need to be aware of the phases at which vulnerabilities are introduced, which include pre-deployment, within the CI/CD pipeline, and finally at runtime. Dane Grace presents the 9-box model of container VRM, which is a conceptual framework that helps security teams identify the layers of technology and phases of deployment that they need to address.

Rapid7 is creating a more secure digital future for all by helping organizations strengthen their security programs in the face of accelerating digital transformation. Our portfolio of best-in-class solutions empowers security professionals to manage risk and eliminate threats across the entire threat landscape, from apps to the cloud to traditional infrastructure to the dark web. We foster open source communities and cutting-edge research, using these insights to optimize our products and arm the global security community with the latest in attacker methods. Trusted by more than 10,000 customers worldwide, our industry-leading solutions and services help businesses stay ahead of attackers, ahead of the competition, and future-ready for what’s next.