AppSec Europe 2018 has ended
                                                                                    ***Content is subject to change.***
Back To Schedule
Friday, July 6 • 2:15pm - 3:00pm
Securing Containers on the High Seas LIMITED

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Limited Capacity seats available

It can be a difficult challenge for most organizations to migrate to containers and develop a secure strategy for implementation and management. Making the shift from legacy virtualization and monolithic deployments to containers requires a solid strategy for securely making the jump. Containers offer many security benefits but it’s important to adopt controls and good practices throughout the lifecycle, across all of the systems and interfaces with which they interact. From container registries, through development and deployment, it’s important to enforce security and eliminate risks as they’re easily introduced.
A robust enterprise container strategy requires focusing on infrastructure, architecture, tooling, policies, and processes. Hardening your containers and ensuring they remain free of known vulnerabilities is important, but this is not a comprehensive approach. Containers, their runtime behavior, and capabilities are influenced by other systems such as container orchestration platforms and schedulers. While organizations are focused on hardening individual containers and services, they also need to think about how to limit lateral movement and post-exploitation steps by attackers through sound architectural choices.
 This presentation will focus on scaling container security within an enterprise and building security controls at different layers to provide comprehensive coverage. We will discuss the modern container landscape including multiple container runtimes and standards such as Open Container Initiative (OCI) and Container Storage Interface (OSI) as well as their their impact on security moving forward. We will explore the container lifecycle from your developer’s laptop through your production environment and examine the key security problems to mitigate. By the end of the presentation the audience should confidently be able to develop a secure approach to their organization’s container strategy.

avatar for Jack Mannino

Jack Mannino

CEO, nVisium
Jack Mannino is the CEO of nVisium. Passionate about security and impossible to keep away from a keyboard, his expertise spans over 15 years of building, breaking, and securing software. Jack founded nVisium in 2009, and since then has helped the world's largest software teams enhance... Read More →
avatar for Abdullah Munawar

Abdullah Munawar

Director of Professional Services, nVisium
Abdullah Munawar is the Director of Professional Services at nVisium who specializes in application security testing and helping clients build application security programs. He previously worked on the security teams for various federal and financial organizations, with over 10 years... Read More →

Friday July 6, 2018 2:15pm - 3:00pm BST
Westminster- 4th Floor QEII Centre Broad Sanctuary, Westminster, London. SW1P 3EE