Name: Establishing Container Trust at Scale [I] - Tim Mackey, Black Duck Software
Start: 2017-12-06T11:10:00-0600
End: 2017-12-06T11:45:00-0600

Back To Schedule

Establishing Container Trust at Scale [I] - Tim Mackey, Black Duck Software

Quantifying risks in a container image is a critical aspect of production deployments. With orchestration clusters supporting thousands of nodes, any risk assessment solution must work at production scale. Once a trusted image is deemed vulnerable, application risk increases, but which applications are impacted, and how far has trust been broken? Trust is established through best practices including the use of trusted image registries, static code analysis, fuzzing, strong perimeter defenses and deployment controls. Unfortunately, this trust model omits information flow.
Malicious actors succeed when applications are most vulnerable. When devising action plans in response to security disclosures, defenders must quickly assess both the impact and scope of the disclosure. This time to remediation requires accurate and actionable vulnerability assessments as applications are created, deployed and scaled. Enhancing security information flow accelerates risk mitigation at production scale.

Speakers

Tim Mackey

Senior Technical Evangelist, Black Duck by Synopsys

Tim Mackey is a technology evangelist for Black Duck Software specializing in the secure deployment of applications using virtualization, cloud and container technologies. Prior to joining Black Duck, Tim was most recently the community manager for XenServer and was part of the Citrix... Read More →

KubeCon 2017 NA Establsihing Container Trust at Scale pptx

Wednesday December 6, 2017 11:10am - 11:45am CST
Meeting Room 6AB, Level 3

Operations - CloudNativeCon

Audience Intermediate
Link to Session Recording https://youtu.be/uB20VT5UclI

KubeCon + CloudNativeCon North America 2017

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tim Mackey