Aaron and Brian talk with Tim Gerla (@tybstar, VP Product) and Dan Nurmi (@dannurmi, CTO) at @Anchore about their background as entrepreneurs, the challenges of container security, the challenges of CI/CD and security and how to avoid slowly down developers.
Topic 1 - Get an understanding of the team and their background
Topic 2 - What customer challenge is Anchore attempting to solve? What are some of the scary security/container stories out there?
Topic 2a - Let’s talk about awareness of this security challenge, especially amongst Dev teams vs. Ops teams.
Topic 3 - Anchore was founded by people from Eucalyptus and Ansible, which were very popular open-source projects. Does Anchore have an open-source model as well?
Topic 4 - How does Anchore fit into existing "container" systems and PaaS like Docker (or Docker Data Center), Cloud Foundry, Kubernetes, etc.? Don't some of those systems already have security elements built in?
Topic 5 - How does Anchore fit into some of the CI/CD systems, where developers could be adding random things into containers?
Topic 6 - Topic 6 - How does the reporting and management framework fit into other existing security systems for the CISO?