26 Apr 2022
In this 25 minute session, you'll receive a brief overview of Red Hat Advanced Cluster Security, understand the vision for managing Kubernetes and container security, learn about recent RHACS updates, and receive a roadmap update for both near term and long term priorities.
- 5 participants
- 26 minutes
23 Mar 2021
Overview and demo on Secretless which simplifies Kubernetes security at scale by centralizing secrets management across hybrid clouds with Red Hat OpenShift and CyberArk.
Presented by Dave Meurer, Principal Solution Architect for Red Hat.
Learn more at openshift.com
Presented by Dave Meurer, Principal Solution Architect for Red Hat.
Learn more at openshift.com
- 1 participant
- 10 minutes
13 Feb 2021
DevSecOps: What Comes first the Tools or the Culture
Guest Speaker: Kirsten Newcomer (Red Hat)
Host: Diane Mueller (Red Hat)
OpenShift Commons Briefing
#TransformationFriday #DevSecOps
Guest Speaker: Kirsten Newcomer (Red Hat)
Host: Diane Mueller (Red Hat)
OpenShift Commons Briefing
#TransformationFriday #DevSecOps
- 2 participants
- 51 minutes
8 Feb 2021
KubeLinter Introduction and Road Map
Guest Speakers: Viswajith Venugopal and Michael Foster (StackRox)
Hosts: Diane Mueller and Paul Morie (Red Hat)
OpenShift Commons Briefing
#AMA
2021-02-08
Guest Speakers: Viswajith Venugopal and Michael Foster (StackRox)
Hosts: Diane Mueller and Paul Morie (Red Hat)
OpenShift Commons Briefing
#AMA
2021-02-08
- 4 participants
- 58 minutes
26 Jan 2021
Open Policy Agent (OPA)Gatekeeper: Centralized Policy and Governance
Security and Governace Strategy and Architecture
Advanced Cluster Management for Kubernetes
Guest Speakers:
Jaya Ramanathan (Red Hat)
Yu Cao (Red)
Moderator: Kirsten Newcomer (Red Hat)
Security and Governace Strategy and Architecture
Advanced Cluster Management for Kubernetes
Guest Speakers:
Jaya Ramanathan (Red Hat)
Yu Cao (Red)
Moderator: Kirsten Newcomer (Red Hat)
- 5 participants
- 59 minutes
26 May 2020
OpenShift Commons Briefing
Building Zero Trust based Authentication with SPIRE, SPIFFE, NSM & OPA Frederick Kautz (Doc.ai) and Bobby Samuel (Anthem)
hosted by Diane Mueller (Red Hat)
2020-05-26
Building Zero Trust based Authentication with SPIRE, SPIFFE, NSM & OPA Frederick Kautz (Doc.ai) and Bobby Samuel (Anthem)
hosted by Diane Mueller (Red Hat)
2020-05-26
- 4 participants
- 50 minutes
19 May 2020
OpenShift Commons Briefing 2020-05-19
Host: Diane Mueller (Red Hat)
Guest Speaker: Marc Boorshtein (Tremolo Security)
Securely Provision Your Pipeline on OCP Making Dev, Sec and Ops All Happy
Your CI/CD pipelines are a crucial component to your platform. Production OCP deployments need to take into account how to build out pipelines for applications in an automated way that respects all of the users in your environment. The Devs want systems that stay out of their way, Sec wants to be able to audit the environment and Ops doesn’t want to get paged. Automating the provisioning means integrating source control, multiple OCP clusters across environments, security scanning, and IT process to build an automated platform.
Tremolo Security’s CTO, Marc Boorshtein, will walk through a proof of concept that was built for a customer to automate the creation of a multi-environment secured pipeline using GitLab for source control, multiple OCP environments for different stages of the application’s lifecycle, Sonarqube for scanning, and OpenUnison to tie them all together via SSO and automated workflows. We’ll cover the initial provisioning of the pipeline, environments across multiple clusters, and promoting containers across environments without using the ocp command or ever logging into a terminal.
@mlbiam / @tremolosecurity
Host: Diane Mueller (Red Hat)
Guest Speaker: Marc Boorshtein (Tremolo Security)
Securely Provision Your Pipeline on OCP Making Dev, Sec and Ops All Happy
Your CI/CD pipelines are a crucial component to your platform. Production OCP deployments need to take into account how to build out pipelines for applications in an automated way that respects all of the users in your environment. The Devs want systems that stay out of their way, Sec wants to be able to audit the environment and Ops doesn’t want to get paged. Automating the provisioning means integrating source control, multiple OCP clusters across environments, security scanning, and IT process to build an automated platform.
Tremolo Security’s CTO, Marc Boorshtein, will walk through a proof of concept that was built for a customer to automate the creation of a multi-environment secured pipeline using GitLab for source control, multiple OCP environments for different stages of the application’s lifecycle, Sonarqube for scanning, and OpenUnison to tie them all together via SSO and automated workflows. We’ll cover the initial provisioning of the pipeline, environments across multiple clusters, and promoting containers across environments without using the ocp command or ever logging into a terminal.
@mlbiam / @tremolosecurity
- 2 participants
- 58 minutes
13 May 2020
OpenShift Commons Briefing
Compliance as Code
Keith Basil (RedHat)
Hosted by Diane Mueller (Red Hat)
2020-05-13
Compliance as Code
Keith Basil (RedHat)
Hosted by Diane Mueller (Red Hat)
2020-05-13
- 1 participant
- 33 minutes
13 May 2020
OpenShift Commons Briefing
Why DevSecOps is Critical for Kubernetes
Kirsten Newcomer (RedHat)
Hosted by Diane Mueller (Red Hat)
2020-05-13
Why DevSecOps is Critical for Kubernetes
Kirsten Newcomer (RedHat)
Hosted by Diane Mueller (Red Hat)
2020-05-13
- 2 participants
- 28 minutes
2 Feb 2020
StackRox Overview and Demo
Ali Golshan (StackRox) and Kirsten Newcomer (Red Hat)
OpenShift Commons Briefing
hosted by Karena Angell (Red Hat)
Link to Slides: https://github.com/openshift-cs/commons.openshift.org/blob/master/briefings/slides/StackRox%20Overview%20Feb%202021.pdf
https://commons.openshift.org/events.html
02/02/2020
Ali Golshan (StackRox) and Kirsten Newcomer (Red Hat)
OpenShift Commons Briefing
hosted by Karena Angell (Red Hat)
Link to Slides: https://github.com/openshift-cs/commons.openshift.org/blob/master/briefings/slides/StackRox%20Overview%20Feb%202021.pdf
https://commons.openshift.org/events.html
02/02/2020
- 4 participants
- 57 minutes
12 Jul 2019
OpenDataHub Fraud Detection
ML SIG
OpenShift Commons
July 12 2019
Open Data Hub project is a reference architecture for an AI and Machine Learning as a service platform for OpenShift built using open source tools.
ML SIG
OpenShift Commons
July 12 2019
Open Data Hub project is a reference architecture for an AI and Machine Learning as a service platform for OpenShift built using open source tools.
- 3 participants
- 26 minutes
1 May 2019
Guest Speaker: Hayley Denbraver (SNYK)
There is a lot of emphasis on security in the OpenShift community, but mostly from the side of audit, controls and compliance. But a cloud native reality invites us to shift more ownership of security to the left, in the developer’s hands—given the right approach, process and tools. Snyk is a developer tools company that helps users find and fix vulnerabilities in open source libraries, both in apps and containers. Snyk’s focus is security depth and getting true dev adoption, which has led us to building tight integration into source control platforms, CI/CD tools, registries, PaaS and server less. Snyk features automated fixing of issues and the best vulnerability DB out there (enough to make Facebook, Netflix and others license the data feed itself). Towards Red Hat Summit, we will demo our new integrations into OpenShift, helping developers and operators to use open source while staying secure.
Resources: https://snyk.io/search/cheat+sheet
Create an account: https://app.snyk.io/signup
There is a lot of emphasis on security in the OpenShift community, but mostly from the side of audit, controls and compliance. But a cloud native reality invites us to shift more ownership of security to the left, in the developer’s hands—given the right approach, process and tools. Snyk is a developer tools company that helps users find and fix vulnerabilities in open source libraries, both in apps and containers. Snyk’s focus is security depth and getting true dev adoption, which has led us to building tight integration into source control platforms, CI/CD tools, registries, PaaS and server less. Snyk features automated fixing of issues and the best vulnerability DB out there (enough to make Facebook, Netflix and others license the data feed itself). Towards Red Hat Summit, we will demo our new integrations into OpenShift, helping developers and operators to use open source while staying secure.
Resources: https://snyk.io/search/cheat+sheet
Create an account: https://app.snyk.io/signup
- 4 participants
- 39 minutes
30 Apr 2019
In this video we will explore configuring OAuth to specify an identity provider with OpenShift 4. We will also walk through creating a Custom Resource (CR) that describes the identity provider. We will continue to show how users authenticate against the API and access their OpenShift Cluster.
- 1 participant
- 7 minutes
18 Mar 2019
OpenShift Commons Gathering 2019
Santa Clara
State of Container Security
Urvashi Mohani and Mrunal Patel
Santa Clara
State of Container Security
Urvashi Mohani and Mrunal Patel
- 2 participants
- 30 minutes
23 Feb 2019
London OpenShift Commons Gathering 2019
Lightning Talk Aqua Security
Securing Containers on Red Hat OpenShift
Lightning Talk Aqua Security
Securing Containers on Red Hat OpenShift
- 2 participants
- 7 minutes
22 Feb 2019
London OpenShift Commons Gathering 2019 Lightning Talk CrunchyData
PostgreSQL Operator
PostgreSQL Operator
- 1 participant
- 7 minutes
22 Feb 2019
London OpenShift Commons Gathering 2019 Lightning Talk Sysdig
Using Sysdig Secure to Detect a Runtime Breach
Using Sysdig Secure to Detect a Runtime Breach
- 1 participant
- 8 minutes
4 Feb 2019
London OpenShift Commons Gathering 2019
State of Container Security
Daniel Walsh Red Hat
State of Container Security
Daniel Walsh Red Hat
- 2 participants
- 35 minutes
21 Dec 2018
Case Study: Securing OKD at Multiple Layers with Marc Boorshtein (Tremolo Security) Edit
Dec 19 @ 9:00 am
Case Study presentation on Securing OKD at multiple layers – OKD, FreeIPA, OPA and OpenUnison. Marc Boorshtein of Tremolo Security will do a deep dive into securing an OKD (Red Hat's OpenShift open source) deployment both at the OKD level and at the host level. We’ll also walk through how we integrated OPA to provide both validating webhooks and mutating webhooks for injecting Kerberos keys into containers for accessing Windows file shares and SQL Server databases.
Slides: https://blog.openshift.com/wp-content/uploads/OpenShift-Commons-Briefing-Securing-OKD-Tremolo-Security.pdf
Dec 19 @ 9:00 am
Case Study presentation on Securing OKD at multiple layers – OKD, FreeIPA, OPA and OpenUnison. Marc Boorshtein of Tremolo Security will do a deep dive into securing an OKD (Red Hat's OpenShift open source) deployment both at the OKD level and at the host level. We’ll also walk through how we integrated OPA to provide both validating webhooks and mutating webhooks for injecting Kerberos keys into containers for accessing Windows file shares and SQL Server databases.
Slides: https://blog.openshift.com/wp-content/uploads/OpenShift-Commons-Briefing-Securing-OKD-Tremolo-Security.pdf
- 2 participants
- 51 minutes
22 Nov 2018
The briefing reviews and explains the security concerns associated with container technologies and make practical recommendations for addressing those concerns when planning for, implementing, and maintaining containers that are outline in NIST’s Special Publication 800-190 Application Container Security Guide
Speakers: John Morello, CTO Twistlock and Dirk Herrmann, Product Manager, Red Hat
Speakers: John Morello, CTO Twistlock and Dirk Herrmann, Product Manager, Red Hat
- 4 participants
- 1:00 hours
26 Sep 2018
The CYBRIC platform integrates seamlessly into the DevOps process on OpenShift and enables continuous scanning capabilities at every stage. As code gets written and committed to code repositories, as build processes complete, CYBRIC can submit the code or build artifacts to scanning by a variety of open source and commercial SAST and SCA tools. The platform provides a unified integration to all products, which lowers the barriers for adoption and potential switching costs. Similarly, container images can be scanned as soon as they are built or posted to repositories such a Docker Hub, Artifactory or Nexus.
Within an OpenShift environment CYBRIC discovers and automatically scans all applications deployed, as well as the published external routes, with a range of DAST open source or commercial products. As new applications get deployed or new routes created, CYBRIC can detect them, automatically create new targets and scan them immediately for any vulnerabilities or misconfigurations. Scan results from the entire security toolchain are collected, normalized and deduplicated in order to provide the most concise and accurate view of the customer’s Security Posture at an application level. Static and dynamic scan results are correlated to provide valuable information about the most critical vulnerabilities as well as point out the root causes of the exploits observed against the applications.
CYBRIC Dashboards present data relevant to the executive level as well as for application stakeholders and individual contributors. Ultimately, the platform provides a clear view of Application and Enterprise Risk and helps users answer key business questions regarding the security and quality of the applications within the enterprise.
Within an OpenShift environment CYBRIC discovers and automatically scans all applications deployed, as well as the published external routes, with a range of DAST open source or commercial products. As new applications get deployed or new routes created, CYBRIC can detect them, automatically create new targets and scan them immediately for any vulnerabilities or misconfigurations. Scan results from the entire security toolchain are collected, normalized and deduplicated in order to provide the most concise and accurate view of the customer’s Security Posture at an application level. Static and dynamic scan results are correlated to provide valuable information about the most critical vulnerabilities as well as point out the root causes of the exploits observed against the applications.
CYBRIC Dashboards present data relevant to the executive level as well as for application stakeholders and individual contributors. Ultimately, the platform provides a clear view of Application and Enterprise Risk and helps users answer key business questions regarding the security and quality of the applications within the enterprise.
- 3 participants
- 37 minutes
10 Jul 2018
Everyone knows how microservices and containers are revolutionizing the way we deploy applications and maintain our infrastructure. But as many teams are starting to find out, containers have a key problem: monitoring and securing them with traditional tools can be impractical, painful, and sometimes plain impossible.
The Sysdig container intelligence platform provides a unified platform to deliver monitoring, security, and troubleshooting in a microservices-friendly architecture. In this session we will demo how Sysdig helps to:
- Monitor and alerting on Kubernetes infrastructure, services and applications
- Unified interface to troubleshoot issues inside containers with full system visibility
- Implement microservices based security policies looking at run-time behavior
- Enable post-mortem analysis and forensics on containers after they are long gone
The Sysdig container intelligence platform provides a unified platform to deliver monitoring, security, and troubleshooting in a microservices-friendly architecture. In this session we will demo how Sysdig helps to:
- Monitor and alerting on Kubernetes infrastructure, services and applications
- Unified interface to troubleshoot issues inside containers with full system visibility
- Implement microservices based security policies looking at run-time behavior
- Enable post-mortem analysis and forensics on containers after they are long gone
- 1 participant
- 11 minutes
10 Jul 2018
In this talk from the OpenShift partner theater at Red Hat Summit 2018, learn how Aqua for Red Hat® OpenShift Container Platform works as a layer of security that provides image assurance, runtime controls, and protection against attacks. Learn how Aqua is natively deployed in an OpenShift environment by deploying pods, services, and Daemonsets and protects container workloads against attacks and insider misuse. You’ll also learn how the solution ensures visibility and compliance for OpenShift containerized applications.
- 1 participant
- 17 minutes
14 Jun 2018
In this OpenShift Commons briefing, Aporeto's Ariful Huq discusses best practices around securing your microservices:
Comprehensive: Zero Trust security for Network and API access control. Run-time visibility
Identity-driven: Identity is central to access control – and why cryptographic methods for assigning an identity to workloads are essential
Heterogenous: Because enterprises have mixed environments, the right security solution has to operate across clouds as well as in non-cloud native and service mesh environments
Following the best practices discussion, we will have a quick overview of Aporeto 2.0 as well as a demonstration of:
Network access control & API access control for apps deployed across multiple clouds and clusters.
A kill chain scenario
Comprehensive: Zero Trust security for Network and API access control. Run-time visibility
Identity-driven: Identity is central to access control – and why cryptographic methods for assigning an identity to workloads are essential
Heterogenous: Because enterprises have mixed environments, the right security solution has to operate across clouds as well as in non-cloud native and service mesh environments
Following the best practices discussion, we will have a quick overview of Aporeto 2.0 as well as a demonstration of:
Network access control & API access control for apps deployed across multiple clouds and clusters.
A kill chain scenario
- 2 participants
- 43 minutes
24 May 2018
Jon Deeming, VP at Experian, presents how automation can ensure that security policy is consistently deployed into production OpenShift container environments. He shares some of the lessons learned in Experian’s move to containers. The dynamic nature of containers requires thinking through all the attack vectors in a new environment and creates the need for behavior-based security technology. This new technology needs to work with the system primitives, labels, resources and other metadata to maintain the desired security posture. At the same time, it’s critical to dive deeply into the Kubernetes architecture to understand how to properly deploy resilient services. Understanding the network and system behavior of pods and containers will enable DevOps and security teams to detect suspicious behaviors. This session provides a framework for evaluating container security and advice for securing business critical services and protecting sensitive data.
- 1 participant
- 42 minutes
10 May 2018
As one of the biggest banks in Central Europe, BZ WBK uses hundreds of systems, many of which were developed years ago when virtualization wasn’t a commodity like it is today. In a quest for more flexibility and efficiency, BZ WBK explored various options to improve and modernize its delivery and deployment pipeline, finally choosing Red Hat OpenShift.
In this session, we'll share why we chose OpenShift, how it affects our applications and infrastructure, and how it meets high security expectations and compliance/regulatory standards. We'll present real, technical-level examples of how to build pipelines, release secure containers and isolate them accordingly, and other tools you may need to successfully deploy them in production—all based on our experience building a working solution.
Learn more: https://agenda.summit.redhat.com/
In this session, we'll share why we chose OpenShift, how it affects our applications and infrastructure, and how it meets high security expectations and compliance/regulatory standards. We'll present real, technical-level examples of how to build pipelines, release secure containers and isolate them accordingly, and other tools you may need to successfully deploy them in production—all based on our experience building a working solution.
Learn more: https://agenda.summit.redhat.com/
- 2 participants
- 41 minutes
18 Apr 2018
Implementing Enterprise-grade Network Security with OpenShift and Tigera CNX with Amit Gupta (Tigera).
In an earlier Commons webinar, we described Tigera's open source Project Calico, and how it enables simplified networking with secure network policies. Amit Gupta will expand on that topic today with an exploration of the additional features enabled by Tigera's flagship CNX product, and a preview of capabilities in the forthcoming 2.1 release, including even closer integration with OpenShift.
Amit will cover practical workflows demanded by enterprises including meeting compliance requirements for network isolation with auditing, monitoring and alerting. He will also talk about how CNX enables multiple teams (e.g. security, network and development/ops) to easily and collaboratively define hierarchical security policies with role-based access controls and graphical management of policies (at last, yaml is purely optional!), and will draw from examples of real-world users adopting both CNX and OpenShift.
In an earlier Commons webinar, we described Tigera's open source Project Calico, and how it enables simplified networking with secure network policies. Amit Gupta will expand on that topic today with an exploration of the additional features enabled by Tigera's flagship CNX product, and a preview of capabilities in the forthcoming 2.1 release, including even closer integration with OpenShift.
Amit will cover practical workflows demanded by enterprises including meeting compliance requirements for network isolation with auditing, monitoring and alerting. He will also talk about how CNX enables multiple teams (e.g. security, network and development/ops) to easily and collaboratively define hierarchical security policies with role-based access controls and graphical management of policies (at last, yaml is purely optional!), and will draw from examples of real-world users adopting both CNX and OpenShift.
- 3 participants
- 59 minutes
11 Jan 2018
Learn how to simplify and strengthen your security posture by combining deep kernel-level container visibility with metadata from your Openshift deployment to define your security policies. SysDig’s Knox Anderson covers how the security landscape is changing, the architecture of Sysdig Secure, and even covers a live security instrumentation of a containerized environment.
The live demo will walk you through what Sysdig Secure can do:
– Implement application and OpenShift aware policies
– Block incoming attacks and container break-ins
– Audit executed commands
– OpenShift forensics: pre and post-attack investigation
– Unify monitoring & security workflows
The live demo will walk you through what Sysdig Secure can do:
– Implement application and OpenShift aware policies
– Block incoming attacks and container break-ins
– Audit executed commands
– OpenShift forensics: pre and post-attack investigation
– Unify monitoring & security workflows
- 2 participants
- 41 minutes
15 Aug 2017
In this Tech N’ Talk, Red Hat’s Kirsten Newcomer discusses the 10 most common layers in a typical container deployment and ways to build security into each layer. These layers include: The container host, content, and registries, the CI/CD process, the container platform, networking, storage, and API management.
Organizations are rapidly adopting containers to more easily develop and manage the applications that drive business value. However, as with any newer technology, enterprise use requires strong security at every stage of the lifecycle. Securing containers is a lot like securing any running process. You need to think about security throughout the layers of the software stack. You also need to secure your CI/CD pipeline. You need defense in depth.
This discussion coverseach of these 10 layers, and Kirstin uses Red Hat’s OpenShift container platform to illustrate how to deliver continuous security for containers.
Organizations are rapidly adopting containers to more easily develop and manage the applications that drive business value. However, as with any newer technology, enterprise use requires strong security at every stage of the lifecycle. Securing containers is a lot like securing any running process. You need to think about security throughout the layers of the software stack. You also need to secure your CI/CD pipeline. You need defense in depth.
This discussion coverseach of these 10 layers, and Kirstin uses Red Hat’s OpenShift container platform to illustrate how to deliver continuous security for containers.
- 3 participants
- 53 minutes
13 Jul 2017
Aporeto’s Cloud Native Security solution works through authentication, authorization, and encryption for all of a distributed application’s components. It generates a cryptographically-signed identity certificate for every application component orchestrated by OpenShift and allows interactions between those components if there is a policy that explicitly allows it. This whitelist security model is simple because it does away with the massive complexities of configuring the different segmentation schemes that would otherwise be required to achieve the same ends. In this briefing, Amir Sharif of Aporeto will give an overview of the solution and demonstrate using with applications deployed on OpenShift, explain the benefits and implications of this security model
- 2 participants
- 31 minutes
14 Jun 2017
In this webcast, Nenad Bogojevic from Amadeus and Diogenes Rettori from Red Hat talk about security mechanisms and protections related to Red Hat OpenShift Container Platform and Amadeus' experiences deploying and using OpenShift, including security mechanisms, such as user and network access control and policies in OpenShift and underlying Openstack, the audit trail of administrative actions, ways to use and protect Kubernetes secrets as well as some best practices for Docker containers. They also present some possibilities to address technical limitations or potentially unknown vectors of attack using compensating controls via auditd, monitoring, and alerting.
Amadeus operates large-scale, secure, Payment Card Industry Data Security Standard (PCI/DSS)-compliant online and e-retail systems. Recently, they started migrating those systems to OpenShift Container Platform. For Amadeus and their customers, security and compliance is paramount.
Guest Speakers:
Nenad Bogojevic – Software Architect, Amadeus
Diogenes Rettori – OpenShift Product Manager, Red Hat
Amadeus operates large-scale, secure, Payment Card Industry Data Security Standard (PCI/DSS)-compliant online and e-retail systems. Recently, they started migrating those systems to OpenShift Container Platform. For Amadeus and their customers, security and compliance is paramount.
Guest Speakers:
Nenad Bogojevic – Software Architect, Amadeus
Diogenes Rettori – OpenShift Product Manager, Red Hat
- 3 participants
- 48 minutes
22 May 2017
Even in Containers, application security still matters. Running applications in containers means that many processes need to change. And security is no exception. Beyond the security and configuration of the container platform, there are implications to security of the application development, the way it runs, and how it is protected in production.
The very first line in a Docker file: FROM, is where security begins. The choice of the base image, the prerequisite components and the configuration of the image – all impact the security of the eventual container.
Security considerations are necessary when images are pulled and used. Are the images certified to run? Do they pass the risk criteria of the organization? A containerized environment still requires the demonstration of control, for compliance reasons and for the overall security of the application.
And as containers run, there are requirements to monitor their behavior, prevent modifications and protect them from unauthorized actions.
In this session, Aqua’s Tsvi Korren gives an overview of Aqua’s framework for effective application security in a containerized environment. It begins in the development process, progresses as images are built, continues through assurance of image authorization, and protects all running containers.
The very first line in a Docker file: FROM, is where security begins. The choice of the base image, the prerequisite components and the configuration of the image – all impact the security of the eventual container.
Security considerations are necessary when images are pulled and used. Are the images certified to run? Do they pass the risk criteria of the organization? A containerized environment still requires the demonstration of control, for compliance reasons and for the overall security of the application.
And as containers run, there are requirements to monitor their behavior, prevent modifications and protect them from unauthorized actions.
In this session, Aqua’s Tsvi Korren gives an overview of Aqua’s framework for effective application security in a containerized environment. It begins in the development process, progresses as images are built, continues through assurance of image authorization, and protects all running containers.
- 4 participants
- 54 minutes
8 Mar 2017
OpenShift networking works great out of the box, right? So why would you consider anything else? This briefing examines an alternative approach that has benefits for many scenarios – from tightly securing a few high-value AWS instances to scaling a large private cloud deployment.
Come learn how the Calico solution differs from traditional solutions like OpenShift SDN, and how Calico has now been integrated with Kubernetes and OpenShift to provide a smooth deployment experience, and lessons learned across hundreds of enterprise users.
Guest Speaker: Andrew Randall, Tigera
Come learn how the Calico solution differs from traditional solutions like OpenShift SDN, and how Calico has now been integrated with Kubernetes and OpenShift to provide a smooth deployment experience, and lessons learned across hundreds of enterprise users.
Guest Speaker: Andrew Randall, Tigera
- 4 participants
- 51 minutes
22 Nov 2016
DevSecOps: Security Injection with SecurePaaS on OpenShift with Shadow-Soft's Derrick Sutherland
In this Briefing, Derrick Sutherland of Shadow-Soft will address cyber security concerns in a DevOps world and demonstrate how using SecurePaaS on OpenShift automatically and without developer intervention, introspects, federates, and injects identity, authentication, authorization, & auditing (IAAA) into an application’s source code, uniquely protecting IT assets. Learn more at http://securepaas.com/
In this Briefing, Derrick Sutherland of Shadow-Soft will address cyber security concerns in a DevOps world and demonstrate how using SecurePaaS on OpenShift automatically and without developer intervention, introspects, federates, and injects identity, authentication, authorization, & auditing (IAAA) into an application’s source code, uniquely protecting IT assets. Learn more at http://securepaas.com/
- 3 participants
- 37 minutes