►
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Welcome
to
the
group
discussion
for
the
container
security
group
within
getwow
and
I'll
go
ahead
and
get
started
here,
just
an
fyi
for
everyone.
I'm
going
to
be
doing
the
ceo
shadow
program
coming
up
in
august,
so
I'm
going
to
do
the
absolute
best
that
I
can
to
make
sure
that
we
have
everything
lined
up
ahead
of
time.
Basically,
the
guidance
is
to
treat
that
as
time
off.
A
So
you
know,
even
though
I'm
still
here-
I'm
not
here
so
again,
I'm
hoping
over
the
next
few
weeks
to
have
enough
of
a
backlog
and
everything
built
up
that
we
can
make
that
transition
smoothly.
I
know
that
also
is
going
to
be
across
a
release.
Time
frame.
So
again
you
know
I'm
going
to
do
as
best.
I
can
to
make
sure
we
have
things
lined
up
for
13
4
in
advance
of
that.
A
B
I
learned
quite
a
bit
and
I
think
everybody
does
so
good
stuff.
A
All
right,
thiago,
I
think
you've
got
the
first
two
on
our
agenda.
D
A
D
A
A
So
then,
the
last
one
is
just
planning
breakdown
for
the
alert
dashboard
mvc.
I
think
we're
finally
ready
to
finish
breaking
this
down
to
the
mirror.
I
saw
your
comment
on
there
that
I
just
responded
to
moments
ago,
so
I
don't
expect
you
to
have
already
read
that.
Let
me
go
ahead
and
share
my
screen.
A
Bear
with
me
just
a
minute.
While
I
get
this
into
position,
let's
zoom
in
so
everyone
can
see
so
again.
I
know
we've
talked
about
this
like
for
two
or
three,
maybe
even
four
times
now,
that's
way
too
zoomed
in,
but
the
idea
is
to
create
a
an
experience
where
security
analysts
can
go
in
and
review
and
triage
their
high
priority
alerts
so
that
they
can
decide
how
best
to
respond.
A
What
those
alerts
are
is
are
to
be
defined
based
off
of
the
policies
that
they
create.
Here
we
go
so
to
really
implement
this.
We
to
in
its
entirety.
There
will
be
a
dependency
on
the
other
work
that
we
have
to
enable
create
edit
and
delete
policy
in
the
ui.
But
the
idea
is
that,
as
you're
coming
in
here,
you're
billing
out
a
policy.
A
You
can
have
multiple
rules
that
are
added
or
well
initially,
just
poured
together
and
then
you're
able
to
say
whether
you
want
to
allow
the
network
traffic,
but
then
you'll
also
get
this
new
action
button
at
the
bottom
and
right
now,
there's
only
one
action
that
will
support,
which
is
generating
an
alert
to
get
loud.
A
But
for
this
scope,
it'll
just
be
sending
an
alert
to
gitlab.
So
that's
really
where
that
gets
defined.
I
know
earlier
on
arthur.
We
talked
about
sending
this
through
basically
having
hubble
filter
the
events
that
are
being
monitored
by
psyllium
and
then
we'll
probably
need
some
kind
of
agent
is
what
you
mentioned
before:
to
actually
send
that
over
to
gitlab
and
generate
an
alert,
but
in
the
end,
that
alert
would
come
into
get
lab
and
it'll
just
be
displayed.
A
On
a
new
tab
for
the
designs
just
so,
I
can
walk
through
this
all
the
way,
so
we'll
have
a
new
tab
here
and
threat
monitoring
for
alerts,
and
then
the
alerts
will
populate
there
where
for
now
again
it's
just
for
the
mvc.
The
only
action
you
can
really
take
is
to
dismiss
them
one
at
a
time
or
to
filter
them
by
environment
or
policy.
A
D
I
have
a
question
about
pagination:
there's,
there's
nothing
in
the
designs
for
it.
What
did
you
have
in
mind,
the
infinite
scroll
that
we
have
like
in
the
security
dashboards
or
proper
pagination?
I
think
the
graphql
limitation
that
we
had
before
with
pagination
is
gone.
So
that's
definitely
an
option.
A
That's
great
to
hear
we'd
probably
have
to
defer
to
kyle
on
that
one,
since
that's
really
a
question
of
design,
but
I'm
assuming
that
we
would
go
with
pagination
just
to
mimic
as
much
as
we
can.
The
experience
that
exists
today
for
alert
and
monitor
and
I
can
drop
a
link
after
that
here
we
go.
A
But
today,
if
you
go
to
operations
alert,
you
have
a
very
similar
type
of
experience
for
where
we're
headed
and
if
I
go
to
all
alerts.
So
I
get
too
many.
They
just
paginate
it
here
at
the
bottom.
So
again,
kyle
would
be
the
ultimate
dri
on
that
question.
But
that's
what
I
would
imagine
I've
added
the
question.
A
So
that
being
said,
let
me
come
up
to
the
epic
and
see
if
there
are
any
other
questions
or
requirements
that
I
can
help
clarify.
It's
also
worth
noting.
I
guess
that
for
now,
because
it
is
an
mvc
we're
only
attempting
to
do
this
for
psyllium
to
start
off,
we'll
add
in
the
other
technologies
later,
but
just
you
know,
let's
take
off
one
thing
at
a
time
and
since
the
lane
is
further
along
and
everything
else,
it
makes
sense
to
start.
A
There
so
any
other
questions
about
these
requirements.
Is
this
detailed
enough
that
you
feel
we
can
move
it
to
refinement
or
are
there
other
outstanding
concerns
or
questions.
D
Yeah,
I
agree.
I'm
I
comfortable
with
moving
this
to
refinement.
There'll,
be
a
probably
a
little
bit
more
work,
refining
these
I'm
guessing
because
of
the
the
the
model.
The
database
model
work
that
we
need
to
build
in
we've
seen
we've
seen
that
a
lot
coming
up
in
I'm
seeing
that
coming
a
lot
in
the
threading
sites,
mrs,
where
maintainers
are
constantly.
D
So
if,
if
we
can
get
ahead
of
the
curve
here,
I
I
saw
that
you
and
wayne
have
already
agreed
with
what
I
mentioned
there
so
just
reminded
that
there
will
be
a
little
bit
of
of
a
build
up
to
understand
how
we,
how
we
can
do
that.
A
A
D
I
just
posted
a
message
in
in
slack
before
the
this
group
discussion.
Zambia
replied
thanks
for
that.
I
don't
know
if
you
saw
it
arthur,
but
the
question
is:
we've
got
a
very
large
shiny,
epic
coming
up
the
policy
management,
one
it's
about
24
points.
Our
velocity
has
been
in
the
ballpark
of
10,
so
by
all
measures
it
it's
it's
a
stretch
to
think
that
we
can
deliver
that
in
a
single
iteration
but
playing
its
favor.
It's
very
well
defined.
D
I
think
it's
probably
our
best
working
in
breaking
down
an
epic
and
and
refining
it,
and
I
was
looking
for
a
bit
of
advice
around
what
do
you
two
think
about
being
able
to
to
paralyze
that
work,
getting
both
of
you
in
there?
If
does
that?
Get
us
a
lot
closer
to
finishing
it
in
a
single
iteration
or
we
might
as
well
not
bother
and
go
go
for
go
for
the
active
response,
one
because
it's
a
it's
a
more
certain.
H
F
I
think
we
have
to
start
somewhere
with
policy
building
it's
clear
that
we
are
not
going
to
deliver
it
in
one
cycle.
It
doesn't
matter
if,
if
you
start
with
active
response,
it
will
not
help
us
ultimately
deliver
policy
build,
and
I
think
we
can
just
feature
flag
it
and
work
across
early
cycles
quite
easily.
There
is
no
problem
with
that
question
about
working
in
parallel.
F
There
is
definitely
some
work
that
can
be
split
quite
efficiently
and
at
least
like
there
is
a
clear
boundary
between
front-end
and
back-end
work,
and
even
in
back-end
there
is
a
split
between
changing
controls
and
introducing
support
for
serial
network
policies.
So
yeah
it's
definitely
doable
from
my
perspective.
F
If
you
cram
on
it,
we
can
get
quite
fire,
it's
it
looks
intimidating,
but
I
think
again
you
say
that
it's
so
different
and
we
have
even
some
prototype
going
on
on
top
of
that
and
we
had
some
piece
of
cod
in
that
prototype
that
we
can
reuse
on
the
front
and
side
yeah
from
the
perspective
that
we
have
to
start
somewhere,
I
would
say
it's
and
if
policy
abilities
provides,
we
have
to
start
with
it,
but
yeah
it's
up
to
sam
to
define
which
one
is
more
important
right
now.
I
guess.
A
Yeah,
so
my
thought
was
just
you
know,
would
it
be
worth
just?
I
mean
it's
just
kind
of
like
setting
a
goal
for
ourselves,
a
really
big,
hairy,
audacious
stretch
goal
of
you
know.
We've
got
two
developers
on
the
team
and
if
we
just
focus
on
this
and
nothing
else,
can
we
can
we
conquer
this
really
big
one
and
get
it
done
in
13-3
I
mean
all
the
numbers
say
no,
because
it's
so
big,
but
it
just
seems
like
it's
a
fun
goal
to
work
for.
F
F
But
then
here
I
mentioned
in
this
fact
that
reviews
is
a
huge,
unknown
factor
in
these
days
review
times
and
like
personally,
this
psycho-
I
struggled
quite
a
bit
with
that
specifically
so,
even
if
I
will
be
able
to
get
quite
far
like
delivering
so
many
a
mars
in
the
cycle
is
really
challenging,
and
for
me
it's
almost
the
most
challenging
part
of
this
work
is
just
amount
of
marks
that
he
has
to
go
through.
F
F
Please
test
it
and
present
a
way
to
disable
with
fifthness
or
that's
the
only
two
ways
to
do
it.
As
far
as
I,
I
am
aware
of
documentation.
D
Doesn't
help
us
the
reason
I
was
asking
is:
if
we
get
if
we
get
a
to
a
point
where,
for
instance,
we
we
don't
have
removal,
or
we
have
some
of
these
things
done
and
and
and
we
don't
feel
comfortable.
Turning
on
the
feature
flag,
do
it
yeah.
A
B
B
You
can
still
do
a
release
post
if
you
want
to
do
that-
and
this
is
a
point
of
contention
at
point
of
connection
point
of
discussion
across
engineering
and
pm
that
I
have
been
pulled
into
not
just
for
our
team
across
all,
but
I'm
starting
into
not
specific
to
release
posts,
but
just
in
terms
of
feature
flags
how
many
are
turned
on
by
default?
How
how
many
are
not?
How
many
do
we
add
each
release,
things
like
that
again,
not
specific
to
our
team,
just
overall
engineering,
I
I
actually.
F
Have
been
arguing
with
for
mr
that's
related
to
that
for
future.
Remove
when
I
read
the
docs,
it's
actually
clear
that
the
only
two
ways
to
do
it
is
either
remove
feature
flag
and
variety
docs
or
enable
feature
flag
by
default,
and
then
also
mention
how
to
revert
in
in
the
documentation
like
there
is.
It's.
B
C
B
A
D
Yeah
and
sam
needs
to
do
the
kickoff
video
tomorrow,
I
believe
so.
D
Stretch
any
preferences,
what
how
does
everyone
feel
about
it.
E
I
think
the
majority
of
us
would
like,
maybe
to
give
it
a
try
and
and
see
what
happens,
how
far
we
make
there,
because
we
are
going
to
have
to
do
this
work
anyways
that
the
the
reason
I
post
the
reply
over
there
is
just
that.
Sometimes
we
give
the
impression
that
if
we
split
by
two
we
double
the
time
and
with
the
mr
cycles,
maybe
if
you
have
to
change
the
same
file
over
and
over
again,
it
just
accumulates
a
little
bit.
A
All
right,
so
it
sounds
like
it's
positive,
so,
okay,
so
the
plan
for
13
30
is
we're
going
to
focus
just
on
that.
I'm
going
to
you
know
any
other
priorities
that
come
up.
I'm
going
to
push
them
off.
You
know
we'll
push
them
all
off
as
much
as
we
can
so
that
we
can
just
double
down
and
focus
on
this
one.
A
D
Be
a
good
surprise
for
you
to
come
back
to
from
your
from
your
ceo
shadow
shadow
yeah.
With
that
in
mind,
should
we
should
we
park
the
you
picked
up
some
stuff
in
active
response?
Should
we
park
that.
E
Yeah
and
there's
a
good
point
on
there,
because
for
for
fox
sidekick,
they're
they're
going
to
host
the
helm,
shard
themselves,
they're
figuring
out
the
best
place
for
that
still
so
then,
and
he
posts
on
the
issue
that
might
take
a
couple
of
weeks
for
them
to
decide
that
so
it
might.
It
might
be
a
good
pause
for
that.
So
then
we
don't.
A
All
right,
yeah
that
sounds
great
I'll,
have
to
talk
with
wayne
about
what
we
can
do
if
we
hit
our
goal.
But
we've
got
to
have
some
kind
of
you
know
celebration
if
we
make
it
because
that's
a
big.
B
B
Meeting
and
lindsay
tried
to
get
that
approved
and
I
think
we
asked
a
little
bit
later
and
we
didn't.
I
think
it's
like
a
hundred
bucks,
two
hundred
bucks
u.s
to
a
charity
for.
G
D
B
There
you
go,
I
want
to
know
what
the
name
is
going
to
be
the
so
just
a
quick,
quick
concert,
thanks
arthur
and
zamir,
for
the
help,
with
the
contribute
demo
that
philippe
and
nico-
and
I
are
working
on
really
helped
to,
and
actually
it's
really
good
experience,
as
well
as
somebody
who
isn't
on
the
team
trying
to
use
things.
So
I
think
we
can
actually
take
some
of
those
learnings
on
how
easy
it
is
to
install.
B
I
think
he
might
be
the
first
person
nico
installing
it
in
azure
versus
versus
gke,
so
so
good
stuff
and
really
appreciate
the
help.
Looking
forward
to
that
demo
nico
said
everything
is
working:
nikon
flips
it
everything's
working
now
that
they
were
expecting
and
now
we're
just
working
on
it.
B
So
it's
going
to
be
pretty
we're
going
to
do
a
hack
live,
show
how
we
catch
that
hack
in
this
application
and
then
show
how
we
can
turn
things
on
in
blocking
mode
to
block
the
hack
attempt,
and
so
nico
is
going
to
be
the
developer,
who
wrote
the
buggy
app
felipe's
going
to
be
the
security
person
looking
at
the
logs
and
I'm
going
to
be
the
bad
guy.
B
That's
great!
It's
going
to
be
recorded
recorded
in
the
contribute
customer
present
customer
conference
and
then
which,
which
is
free.
Anybody
can
can
register,
employ.
You
know,
get
labbers
and
and
any
customers,
or
actually
anybody
and
then
they're
gonna
be
available.
They're
gonna
like
broadcast
the
recordings
live
since
it's
all
remote
and
then
they're
gonna
make
them
available
recorded.
So
it's
me,
so
it's
a
simple
little
app.
All
it
does.
Is
it's
an
app.
B
I
actually
got
the
idea
from
the
ctf
that
the
security
team
did
it's
an
app,
that's
designed
where
you
put
an
ip
address
and
it'll
ping
it
and
give
you
the
results,
but
it
doesn't
validate.
So
you
can
actually
put
a
semicolon
after
the
ip
address
and
put
a
command
to
the
container
like
cat
etsy
shadow,
regular
kevin
mitnick
wayne
wayne
midnight.
No,
definitely
not
I'm
not
that
cool
and
great
job
thiago
on
the
draft
blog
post
for
the
container
security
stuff.
B
You
know
kind
of
really
thank
you
relating
container
security
and
what
we're
doing
there
to
various
miter
miter
attack.
D
D
Yeah
yeah,
which
is
great
it's
a
wednesday.
It
was
originally
for
a
friday,
the
24th,
but
then
marketing's,
recommendations.
D
It
does
inc,
including
something
that
was
sort
of
in
in
the
works
and
sam
called
out.
We
were
looking
to
to
hold
it
because
it
it's
a
lot
of.
It
is
manual,
it's
all
there,
but
you
have
to
do
a
bit
of
manual
work
to
install.
B
I
think
it's
gonna
really
help
to
educate
folks,
both
git
lab
users
and
prospects
and
just
general
public
about
how
to
do
container
security.