The Cloudcast #260 - Securing Container Workloads
Published July 20, 2016
23 min
    Add to queue
    Copy URL
    Show notes
    Aaron and Brian talk with Randy Kilmon (VP of Engineering at @black_duck_sw) about the open source vulnerabilities, securing containers and managing the lifecycle of rapidly changing software.

    Show Links:
    Show Notes:
    • Topic 1 - Welcome to the show. Tell us a little bit about your background and your areas of focus at Black Duck Software.
    • Topic 2 - For anyone that’s not familiar with Black Duck, what role does Black Duck play in looking at open source licensing vs. actively helping with security and vulnerabilities?
    • Topic 3 - One of your areas of focus is containers and container security. Obviously containers is top of mind for lots of people. What’s the reality of container security and what are the areas where people should focus their attention?
    • Topic 4 - Let’s talk about “pre-container” (developers) security vs. “post-container” security (operations). What are the “gates” applications should be going through, and where are people making mistakes today?
    • Topic 5 - Can we talk about managing security in the container vs. security in the host?
    • Topic 6 - We have a number of listeners that are going down a journey with containers, either directly (e.g. Docker) or via PaaS platforms (e.g. Cloud Foundry, OpenShift, etc.). What’s your guidance to them?
        0:00:00 / 0:00:00