Home
Contribute Contact Us Browse all meetings
Home Contribute Contact Us Browse all meetings
GitLab / Protect Stage / 17 Mar 2020
GitLab / Protect Stage / 17 Mar 2020
Previous Meeting Next Meeting
Add meeting Rate page Subscribe
youtube image
From YouTube: GitLab 12.10 Kickoff - Defend:Container Security

Description

Kickoff of Container Security issues planned for the GitLab 12.10 release
https://gitlab.com/gitlab-org/gitlab/-/issues/32365
https://gitlab.com/gitlab-org/gitlab/-/issues/199268
https://gitlab.com/gitlab-org/gitlab/-/issues/199666

A

Hi, my name is Sam white and I'm. The senior product manager for the container security group in the defense stage here at Get, Well and I'm, going to be going over. The features that we're taking off for our 12 tender looks so be.

A

Sure my screen and show you this page: here's our defendant board in get lab where you can view, what's upcoming, what's planned for 1210 and we're going to be taking a look at these three deliverable items slated for 1210, starting with cluster network policy statistics.

A

Let me show you a mock of that we're extending this on the security and compliance threat, monitoring page where in 12:9 we added this graph for the Web Application Firewall, to show some statistics around what that firewall was doing.

A

We're going to be extending this page by adding this additional section down here for container network policy statistics, basically just giving you a high-level overview of what your network policies are doing related to packets on your containers, so right now be able to see total packets as well as drop packets, and just like, with the Web Application Firewall statistics you'll, be able to filter this entire page by the environment and adjust the time frame.

A

The two other issues that we have upcoming in those 12 10 release are very related, so I'm going to be talking about these together. Both of these are around sending logs out to SM or an external centralized logging solution, so the first one is for your Web Application Firewall. If for mod security, and the second one is for sending out your solium long for use between your network policy logs again, to give you an idea of what this will look like. This will be in the settings.

A

Integration page of gitlab- and here we'll be adding a new line item for sim, where you'll be able to configure your settings to send the data out to that external location and again, if I click on that you'll see it takes me to a page where I can put in just some basic configuration, I can put in the URL or hostname for the sim or for the central logging solution, the port number, either UDP or TCP and I can check or uncheck which tools should be sending logs out to that sin.

A

So again, these are the features that we've got coming up for 1210. We welcome any feedback. You may have. Please feel free to comment directly on these issues or reach out to me at sy packet, lab com.