Recently I had the pleasure of joining hundreds of DevOps pros, IT managers, and security engineers at the first ever Container Security event at LEGOLAND. Attendees discussed the newest technologies, scariest threats, and biggest trends in the evolving world of container security. If you weren’t lucky enough to be a part of the fun, here’s a quick recap of what Threat Stack’s Director of Product, Todd Morneau, spoke about. Read more “Container Security: Winter is Coming — Dress in Layers!”
Introducing containers into cloud infrastructure can lead to faster development cycles as well as more efficient use of infrastructure resources. With these kinds of competitive advantages, it’s no wonder why container orchestration platforms like Kubernetes are so popular. In fact, Gartner estimates that 50 percent of companies will use container technology by 2020 — up from less than 20 percent in 2017.
While the value and popularity of containers are undeniable, deployments have opened up a whole new set of infrastructure security concerns for Development and Operations teams. This is why more and more companies are focusing on container security to ensure that they don’t ship software with known vulnerabilities, to protect sensitive data, and to maintain compliance with industry-specific regulations such as HIPAA, PCI, or SOC 2. Resources like the Center For Internet Security (CIS) benchmark reports on Kubernetes or Docker provide comprehensive, objective guidelines for organizations transitioning to containers.
In this post, we’ll walk through some of the top questions you need to ask when thinking about establishing security and maintaining regulatory compliance in a container infrastructure environment. Read more “Top 4 Questions to Ask About Compliance, Security, and Containers”
Making a Secure Transition to Containers
September 27 | LEGOLAND | Somerville, MA
We’re super excited to announce our upcoming event — Builders of Tomorrow — a container security meetup at LEGOLAND in Somerville, MA.
Come hear from a rockstar team of container security leaders including:
- Todd Morneau, Director of Product at Threat Stack
- Jay Vyas, core contributor to Kubernetes and technologist at Black Duck
- Hemant Kapoor, Global Head of SRE at Wayfair
- Kevin Landt, Director of Product Management, OpsGenie
- Ryan Wallner, Technical Manager Portworx
We also have a surprise guest speaker you won’t want to miss!
This will be our first security-driven container event. Builders of Tomorrow is the only event that brings engineers, IT managers, SREs, and thought leaders together in a single forum to explore how teams can scale and secure modern applications in a transitioning world.
Builders of Tomorrow
Where: LEGOLAND Discovery Center Boston: 598 Assembly Row, 2nd Floor, Somerville, MA
When: Thurs, September 27, 2018, 5:00 – 9:00 p.m. EDT
Registration: If you haven’t registered already, reserve your tickets now.
What to Expect
The event will feature a mix of thought provoking sessions, expert panels, and hands-on build workshops with industry leaders and hands-on practitioners alike.
Between sessions, attendees will have the opportunity to exchange ideas with their peers and network at one of the most exciting venues in the Boston area.
Did we mention we have access to all LEGOLAND exhibits/attractions including?
- Build Center
- Lego Themed Escape Room
- Roller Coaster
- Star Wars Episode 2 Exhibit
- Full Catered Beer, Wine, and Food
Sign up today and we’ll see you on September 27!
Gartner estimates that 50 percent of companies will use container technology by 2020, up from less than 20 percent in 2017. The operational benefits of containers, including optimized build times and more efficient use of infrastructure resources, have caused a surge in interest in container orchestration platforms like Kubernetes. At the same time, Kubernetes deployments have opened up a whole new set of infrastructure security concerns for Development and Operations teams.
For teams just getting started with Kubernetes deployments, here’s an overview of three things you need to know about securing your infrastructure from the outset. Read more “3 Things to Know About Kubernetes Security”
Organizations are migrating from virtual server workloads to containers at a frenzied pace, buying into the increasingly popular technology and taking advantage of containers’ many benefits in terms of agility. The application container market is set to explode, according to 451 Research: Annual revenue is expected to increase by 400% over a period of five years, growing from $749 million in 2016 to more than $3.4 billion by 2021.
It’s not hard to see why. Containers are simple to deploy and provide users with greater operational flexibility and compute density, resulting in an optimized build pipeline. Turning to a container orchestration platform, such as Kubernetes, removes an additional layer of operational complexity for even greater ease of deployment and management.
However, a transition in infrastructure is never simple, and along with the advantages come new security challenges. In this post, we’ll discuss some of the risks you should consider before diving headfirst into a container environment, as well as some solutions for mitigating them. Read more “Infrastructure in Transition: Securing Containers”
With the popularity of container environments on the rise, we’ve seen many Threat Stack customers undergoing infrastructure transitions of late. Whether they’re deploying containers for the first time or moving to container orchestration platforms, the shift is one that requires careful consideration when it comes to security. Often, however, organizations just don’t know where to begin in terms of integrating security with their evolving infrastructure.
Recently, I sat down with Pat Cable, Threat Stack’s Senior Infrastructure Security Engineer, to get his point of view on the challenges posed by evolving infrastructure and how Threat Stack can help ensure a secure transition. Read more “Q&A With Pat Cable: How Threat Stack Secures Evolving Infrastructure”
This post is part of a series in which we review key cloud security topics from our most-read blog posts from 2015.