Container Security

Tuesday, October 30, 2018 - 11:45 am–12:30 pm

Daniel Walsh, Red Hat

Abstract: 

This talk examines all of the technologies used to keep containers separate. We will examine what needs to be considered when containerizing, including whether to run your apps in containers, VMs or on bare metal. It will examine technologies like Linux Capabilities, SECCOMP, SELinux, Device Cgroups, Read Only.

I will talk about new container technologies like Kata Containers, which use KVM for separation, and advances in the User Namespace.

Daniel Walsh, Red Hat

Consulting engineer at Red Hat leading the Container Engineering team, including CRI-O, Buildah, podman, containers/storage and containers/image. Docker/Moby project contributor. Led the SELinux project, concentrating on the application space and policy development.

BibTeX
@conference {221744,
author = {Daniel Walsh},
title = {Container Security},
year = {2018},
address = {Nashville, TN},
publisher = {{USENIX} Association},
month = oct,
}
