Description
Weekly meeting for the Defend:Container Security group
A
Oh, all right, welcome to the Container Security weekly group discussion. The goal of this meeting is to discuss any demos that have been either pre-recorded or cherem here, if anyone has prepared, review issues that Sam rpm has identified for planning, break down and, I guess I missed one item, following up from any previous discussions. So looking at the agenda for today, hopefully everyone has had a chance to review this in advance.
C
So we don't have any issues to cover today. We've got the, you know, upcoming, we've got container behavioral analytics that we want to take to minimal. We're still figuring that out. That's on the problem validation stage. Also, we've got the on/off toggle for Cilium, and that's currently in the design stage. So I don't know that we have anything more to discuss there. Andy's working on the designs, I'm working on the problem validation. Hopefully we'll have more than 40 next week, but I did want to share.
C
You know, it's not picking the right window here.
C
There we go. So as far as my priorities go, you can always see them by coming to the defense board and for some reason them it's cool right. There we go. So I always keep mine in a ranked order list, and you can see them by looking for the label of devops defense and then looking for the label of group container security, and then, if you filter by the label of direction, those are the issues that I'm driving that contribute directly to our direction. And so we do do work outside of that.
C
But it's not really as directly driven by me. So, you know, things like clubs also get prioritized, but those don't necessarily move us along in the direction path. So if you filter by direction, you can see any of that new feature work that we're doing. So what's your network policy statistics, you know, all of this should be in progress for 12 10, and then here's what we've got for twelve six 4:30 now.
A
Within the product, so, you're limiting this label to DevOps defend. Right now is not exactly right. We wanted to, or were dependent on, making changes in monitor or configure, that could be different and we could end up losing an issue. So I'm kind of a broken record on that, but I just wanted to make sure that everybody is on the same page. Group is the who, so the folks that are on this call. DevOps is the stage with an application where the change is happening. So six aware no.
C
Thanks for calling that out. That's true, we should remove that label too. Good catch. So especially where a big chunk of the thirteen auto work is still in the problem validation stage. I know it still has a ways to go before it's ready for a thirteen. No, but we are moving along rather quickly, so I just wanted, for the sake of visibility and transparency, to share some details about what we're doing there.
C
First of all, in that Google Drive folder that I have linked in the agenda, it takes you to a folder where it's got pretty much everything that we're doing there, and I just wanted to call out a couple pieces of the research that we're doing. One thing that we're doing with the participants is we're playing
C
What we call buy a feature game, and part of this is because container security is very broad, and even the IDS/IPS market inside of container security tends to be pretty broad. And when you look at the way Gartner talks about cloud workload protection, there was a way that different vendors are approaching it. They tend to do a whole host of a lot of different things, and different open-source tools give us some of these pieces, but there's not really a good.
C
So really the way this works is I'm giving participants a bucket of money, twenty five hundred dollars, and they can choose which of these features to buy. If they move it into the yes or strong yes column, then it deducts that amount of money. If they moved it into no or strong no, then they just didn't buy it. So so far, I've been able to do this with queue of our existing customers.
C
We've got three participants sourced through the respondent platform that I'm meeting with later this week, and we've got a few more that we'll be scheduling next week, so again we're moving through rather quickly. In addition to this buy a feature game, we have a script where we walk through various different questions with them to help validate, you know, the direction that we're going and what we're doing. Some of that is focused on container network security. Some of it is cross applicable for all of the different
C
You know, categories that we're approaching, and, you know, some of it is more IDS/IPS focused. So again, just trying to answer the big unknowns and leverage in on those. If there are areas that we think we know the answer to, that we're fairly confident in, you know, we only get so much time. So we're trying to leave those questions out, but really just hone in on the areas we want to make absolutely certain to get right, so that we're not spending time building things that customers don't actually want.
C
We will be recording all of those user interviews, and we take fairly extensive notes, and all of those get posted into that folder in Google Drive. So, you know, if any of you are interested in hearing it straight from the customer or the participant, that always is a resource to go to. And that's all from my end.
B
Nick next. So Sam already answered on 4c, the last one on the list, so thanks Sam. So I think on this issue reported with the dog other part of getting lab dogfooding the wife feature, which is great, we're glad they are. I think we've got a good plan for it. Nope, sorry, that was something I deleted. This is a different one. So it's really just a request to the group to investigate and to think about, and comment asynchronously on, the deploying CNS and laughs without requiring customer to use CI/CD or Auto DevOps.
B
So we've got a brainstorming session scheduled for tomorrow on that. So please, let's not wait for that. You know, please read over and put your thoughts in there as comments or edits, etc., before the meeting, so we can work on it as asynchronously as reasonably possible between now and then. Nem overview. I know, I know why, Sam, but like it probably good favorite, give a quick overview on the why. Why we're brainstorming on this? Why is this important? Yeah.
C
This is important because, right now, in order to use Cilium, you have to already be using CI and CD and Auto DevOps, and so that funnel limits the base of customers that are able to use container network policies rather substantially. The latest statistics that I saw, and take this with a huge grain of salt, because, you know, this comes from our usage pings, and the usage ping is not unique for customer or even per project. So, you know, some customers may be unfairly weighted in that sample size.
C
But right now, out of all of the usage pings we receive, only 0.5% are actually using CI, CD and Auto DevOps, and so, you know, if we're limiting our customer base, 2.5 percent of our get a lot of customers, that's a really small pipeline to start with, and then we have to take those customers and convince them to use Cilium.
C
So we really need a way that exists outside of Auto DevOps and, ideally, even outside of CI/CD, where we can deploy things like Cilium and other open-source technologies to provide some container security, again without requiring use of those other features. So some sort of independent, you know, way to push and read and write, not only technologies, but also configuration states, in and out of containerized environments. Doing that is going to, it's strategic in a number of ways.
C
Not only is it going to widen that customer base, but also will potentially let customers use start they're in their GitLab journey. So right now, most customers start at the left end of the development cycle, where they're writing and committing code. But this will actually let us start by selling to the security organizations and have them start securing their containers, and work backwards to get the DevOps teams to start, you know, development and engineering teams to start committing their code to GitLab as well. So, you know, the strategic implications are pretty significant.
C
I would say that, you know, we're not yet looking for, like, a proof-of-concept or actual development work to be done on that. If and when we want that to be done, we'll put it on the backlog and we'll create issues separate for those and prioritize those against the other work that we have to do. But for now we're just looking to get an architecture put together of, you know, if we were to do this, what would that look like you.
B
Thank Sam, hey, great. Any ready, any questions for Sam on that? That was like when we, I think it's always important for us to explain the why on things, not just that, you know, the what and the how, or describe the what, determine the how, but also, you know, discussing the why is important. Why is it important to customers, that question. We haven't decided to do it. We've decided to brainstorm it to see what it would take to do, a feasibility, etc. That's a mere you were saying: I just have a question image.
B
An option, right. Just to be clear, and with behind the scenes in how we implement it, we don't want to implement, isn't that wouldn't be everything, but just to be exact and exaggerating, we want to implement everything twice to potentially to accomplish this. We want to brown it. How could we reuse as much as what we have and accomplish this? Yeah.
C
I mean, if we did decide to remove the current approach as an option, to keep it consolidated down to one off, that would be okay. We don't have to get rid of it. You know, keep it or get rid of it, that's up to you, you know, but we would want to provide a way where CI/CD and Auto DevOps are not a requirement in order to use Cilium.
E
So Philemon that, yeah, my thoughts on that is, we will need to at some point write some comments. There's no way we can run that in GitLab itself or in anything that would be secure enough to do that. So the only way to run commands, external commands I mean, is through the CI/CD pipeline. So I don't see how we can get rid of that. Maybe there are the.
C
The assumption is they're not using it at all, right. So when we look at our competitors as well, like, they don't necessarily require you to, you know, they let you put in container security without also having to have your code go through a whole CI/CD pipeline, right. They just connect directly to the containerized environment, and then they push what they need there, and so, you know, that's a barrier that we don't want to have when we're stacking up against the competition.