►
From YouTube: GitLab 13.2 Kickoff - Defend:Container Security
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Hi,
my
name
is
Sam
white
and
I'm
doing
the
kickoff
for
the
gate,
lab
13q
released
for
the
container
security
group
for
this
iteration.
We
plan
to
do
two
items
that
I'll
be
covering
today.
Neither
of
those
are
marked
deliverable,
which
means
we're
not
committed
to
doing
them
entirely
for
the
13
two
release,
but
we
do
plan
to
work
on
both
of
them.
A
I
know
that's
deviating
a
little
bit
from
what
we
normally
cover
in
these
few
coffee
dioz,
but
as
we
do
plan
to
focus
our
work,
efforts
on
those
two
items
I
did
want
to
at
least
cover
them
at
a
high
level.
Here
today,
so
the
two
items,
the
first
one,
is
active
response
options
for
container
host
security.
This
one
adds
to
the
work
that
we
did
in
13:1
by
integrating
with
Falco
and
app
armor
to
also
integrate
with
Falco
sidekick
and
Falco.
A
Sidekick
allows
us
to
send
to
do
pink
certain
actions
any
time
a
Falco
rule
was
violated
and
that
would
include
sending
a
slack
message,
sending
an
email
or
sending
a
message
out
the
assist
log.
The
second
item
that
we
plan
to
address
is
to
build
on
the
work
that
we
did
for
a
policy
management,
editing
experience
for
container
network
policies
in
13:1.
We
added
a
policy
tab
here,
along
with
some
the
ability
to
view
the
rules
and
to
enable
and
disable
those
policies
that
are
created.
A
We
want
to
extend
that
by
building
on
this
experience
with
a
plain
text,
description
of
the
rule
that's
being
applied
as
well
as
a
quick
preview
of
the
animal
file
in
this
drawer.
You
will
now
be
able
to
edit
the
description
or
enable/disable
it
and
quickly
hit
apply
changes
to
just
make
some
quick
changes.
If
you
click
Edit
policy,
then
that
takes
you
to
more
robust
experience
and
I
have
a
small
prototype
here.
That
I
can
show
you
what
that
looks
like
here.
You
can
come
in
and
name
your
policy.
A
You
can
put
in
a
description,
and
then
you
get
a
plain
text,
wizard
of
sorts
that
lets
you
define
what
you
want
that
Network
policy
to
do
so.
You
could
come
in
here
and
say:
network
traffic
is
outbound
from
any
pod
and
is
outbound.
You
know
to
this
specific
IP
address
on
any
port
or
again
you
can
specify
you
know.
An
exact
port
and
protocol
then
allow
the
network
traffic.
A
So
again
it
lets
you
create
a
rule
in
plain
text,
a
plain
language
description
and
on
the
side,
if
Auto
generates
the
llamo
file,
it
also
generates
a
plain
text
description
here,
explaining
what
that
policy
does
there's
a
rule
mode.
If
you
want
to
be
more
than
we
currently
support
in
this
UI,
you
can
always
switch
over
to
the
yell
mode
and
edit
the
ml
file
directly,
which
gives
you
full
control
over
what
the
policy
does
again.
A
In
any
case,
we
do
plan
to
iterate
on
this,
so
as
certainly
as
possible,
but
part
of
this
feature
will
make
it
in,
but
since
this
is
what
the
majority
of
the
team
is
going
to
be
working
on
for
that
for
the
upcoming
release,
I
wanted
to
share
these
designs
and
if
you
have
any
feedback
or
if
you
would
like
to
learn
more
about
what
we're
planning
feel
free
to
reach
out
to
me,
my
email
address
is
sy.
A
cat
lab
comm.