Tech N' Talk Summary

In this Tech N' Talk, Red Hat’s Kirsten Newcomer discusses the 10 most common layers in a typical container deployment and talks about ways to build security into each layer. These layers included: The container host, content, and registries, the CI/CD process, the container platform, networking, storage and API management.

Organizations are rapidly adopting containers to more easily develop and manage the applications that drive business value. However, as with any newer technology, enterprise use requires strong security at every stage of the lifecycle. Securing containers is a lot like securing any running process. You need to think about security throughout the layers of the software stack. You also need to secure your CI/CD pipeline. You need defense in depth.

This discussion covered each of these 10 layers, and Kirstin uses Red Hat’s Open Shift Container Platform and Kubernetes to illustrate how these layers can be used to deliver continuous security for containers.

About Our Guest Speaker:

Kirsten Newcomer works closely with Red Hat’s many security professionals across the Red Hat portfolio of enterprise-ready open source offerings. Kirsten is a diversified software management professional with 15+ years of experience in application development and infrastructure solutions. Prior to joining Red Hat, Kirsten provided strategic direction for Black Duck’s open source governance solutions, designed to help organizations maximize the benefits of open source. Her career has spanned successful roles at IBM Software Group, Rational Software, and BMC Software. Kirsten is an active member of the Linux Foundation's Software Package Data Exchange (SPDX) working group. In her free time, Kirsten serves as an Alumni Trustee for Marlboro College in Marlboro, VT.

Additional Resources:

Slides from the presentation: TechNTalk-Ten Layers of Container Security-Kirsten NewComer

Whitepaper: Ten Layers of Container Security
OpenShift Commons Briefing: Security Practices at Amadeus

If you'd like to get notified of upcoming Tech N' Talks, please join our Facebook group and check out our full calendar of upcoming Tech Talks.

Tech N' Talk Playlist

You can find a playlist of all previously recorded Tech N' Talks on YouTube.

Don't forget to leave your feedback and suggestions for each video on YouTube or in the comments section below.

About Tech N' Talk

The Tech N' Talk podcast series aims to bring together thinkers, creators, and coders from across the entire Cloud Native ecosystem to discuss some of the most interesting ideas and innovations in technology today and sparks more conversations and collaborations. Join the discussion online here!

Learn More at the Next OpenShift Commons Gathering in Austin Dec 5th

Numerous other Red Hatters, and CNCF/Kubernetes project leads will be gathering together in Austin for the upcoming OpenShift Commons Gathering co-located with Kubecon at the Austin Convention Center. Register now to reserve your seat at this day long event!

More Austin Gathering details here: http://openshiftgathering.com/openshiftgathering/austin

About OpenShift Commons

OpenShift Commons is the place for organizations that are part of the OpenShift community to connect with peers and other related open source technology communities to communicate and collaborate across all OpenShift projects and stakeholders.

The Commons' goal is to foster collaboration and communication between OpenShift stakeholders to drive success for all members, and expand & facilitate points of connection between members for sharing knowledge and experience to help drive success for the platform and for participants: customers, users, partners, and contributors.

Join OpenShift Commons today http://commons.openshift.org/#join