Deploying software to a container presents a different security model than deploying an application to a VM. There is a smaller attack surface per container, but the container is colocated on a node with other containers. Containers are meant to have a shorter lifetime than VMs, so there are generally fewer consequences if a container needs to be destroyed and rebuilt due to a potential security vulnerability.

Maya Kaczorowski works on container security at Google. In a recent talk at KubeCon, Maya discussed the runtime security of containers on Kubernetes. Maya joins the show to discuss container security, and what it means to software developers and operators.

Maya also gives guidelines for evaluating the security of your own cluster. We talked about the security benefits of a managed Kubernetes provider and also explored how some container security vendor software works.

The post Container Security with Maya Kaczorowski appeared first on Software Engineering Daily.