Containers are just another piece of the puzzle
This is the second time we gave a talk at the Nexus User Conference. The first time was in 2018. See the previous blog post.. In the talk of 2019 we highlight the need to secure containers and the container ecosystem. Full title of the talk was: containers are just another piece of the puzzle – protect them to secure your business.
Pieces of the puzzle
We dive into the topics of:
- Vulnerability scanning and patching
- Protecting Docker hosts systems (VMs, Kubernetes, Serverless)
- Proper secrets management (Vault) for Containers
- Containers as (software) artifacts – not an infrastructure component
Containers as software artifacts
The last topic is very important since that is the main concept of the talk. A lot of discussion around Containers in the Enterprise is about governance. We treat containers just as other software artifacts: they have their own life-cycle, they contain other (third party) libraries, they might (and will) contain vulnerabilities which needs to be patched, etc. In this talk we explain how we tackle those issues in an easy fashion.
We all know Sonatype for their excellent webinars. This webinar is also broadcasted for everyone who is interested in it. Please follow the link to the live-stream if you want to know more about it. People all around the world watched the stream. Several blogs were created: the one from Erik Dietrich at DZone is a very good example.