Containers Layer by Layer

Presented by

Dane Grace, Technical Product Manager - VRM at Rapid7

About this talk

Many organizations have adopted or are currently adopting containerization as a strategy for deploying their applications. This provides numerous benefits but also presents challenges when security is taken into consideration, not the least of which is tool sprawl. This is exemplified by the fact that a single Docker container could be run on the serverless container services of any of the big cloud providers, as well as on a Docker host installed on a PC running under a developer’s desk. Moreover, vulnerabilities in the host operating system, the container host, or the container workload itself all present attack surfaces for bad actors to leverage against organizations. This raises the question: how do security teams gain confidence that they are addressing vulnerabilities across these tools in a holistic manner? They need to be sure that they are covering the host operating system (where available), the container host, and the container workload itself. They also need to be aware of the phases at which vulnerabilities are introduced, which include pre-deployment, within the CI/CD pipeline, and finally at runtime. Dane Grace presents the 9-box model of container VRM, a conceptual framework that helps security teams identify the layers of technology and phases of deployment that they need to address.

Rapid7 is advancing security with visibility, analytics, and automation delivered through our Insight platform. Our solutions simplify the complex, allowing security teams to work more effectively with IT and development to reduce vulnerabilities, monitor for malicious behavior, investigate and shut down attacks, and automate routine tasks. Over 9,300 customers rely on Rapid7 technology, services, and research to improve security outcomes and securely advance their organizations. For more information, visit our website rapid7.com.