Confidential containers are changing the game for how we secure sensitive workloads in the cloud. In this talk, we’ll break down what confidential containers are and why they matter to DevOps teams and developers who care about protecting data-even from the people running the infrastructure. We’ll explore how technologies like hardware-based Trusted Execution Environments (TEEs) and memory encryption can keep your code and data safe, even if the host is compromised.

We’ll look at how confidential containers fit into your existing container workflows and CI/CD pipelines, and discuss what’s different when it comes to deployment, monitoring, and troubleshooting. You’ll learn about attestation protocols (think: proving your container is running securely), secure key management, and the practical trade-offs around performance and complexity.

If you’re wondering how to run regulated, sensitive, or mission-critical workloads in multi-tenant or public cloud environments without giving up the flexibility of containers, this session is for you. You’ll come away with a clear understanding of how confidential containers work, what problems they solve, and how you can start experimenting with them in your own infrastructure-no deep security background required.