Session

The Platform Engineer Playbook - 5 Ways to Container Security

The infamous Log4Shell vulnerability took the software community by surprise two years ago; it was a perfect storm of the massively popular open-source library with a vulnerability that was fairly trivial to attack. Will there be another massive vulnerability to deal with this year? It’s always possible, but there are things you can do to protect your application.

As we address additional layers in our defense-in-depth model, and with many containers requiring scale, an advanced application network with a wide array of security features is required. How do we ensure the right policies are in place to allow communication? What mechanisms exist to ensure that payloads in our network cannot be deciphered or replayed? How do we leverage identity to attest containers and their intent?

From a developer’s shell to a platform engineer moving to a runtime in production, there are many tools and practices available to mitigate and detect would-be attackers and make their lives harder.

This session will include a live demo of the Log4Shell remote code exploit (RCE) and effective techniques to defend against vulnerabilities like it such as:
- Code & container image scanning
- Best practices for container runtime configuration
- Policy enforcement in Kubernetes
- Container authentication & authorization
- Encryption & identification for services

Join us and protect your organization from an attack on the next critical CVE and make it harder for attackers to leverage it against you!

Marino Wijay

Solutions Architecture - Networking, APIs, Kubernetes

Toronto, Canada

Actions

Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.

Jump to top