At the KubeSec day in Seattle, Enterprise Times talked with Rani Osnat, VP Product Marketing at Aqua Security. ET had just spent the day at the KubeSec conference listening to what is required to add security early into the container lifecycle. This is a key change of attitude as with most technologies we’ve waited until they were mature before bolting on security.
Osnat says that despite the statistics we are early in the cycle for containers. While supporters of the technology are talking about 80-90% of Fortune 500 companies using them, Osnat poses the question, “where are they using containers?” He also takes the view that while substantial amounts of workloads will move to containers, not everything will go there. It’s a refreshing admission that the technology is not the solution to everything.
One of the key things that containers bring over VMs, according to Osnat is that: “Containers actually change the architecture and the deployment mechanism of applications. Unlike VMs that were virtual servers, containers virtualise bits of applications.”
Osnat also talked about how we need to think early about security. One option proposed at KubeSec is putting security into the base framework. This takes it away from developers and means it is just there in the same way a system driver is there. Interestingly, especially for the CD/CI community, Osnat also said that security is just another pipeline in the development process.
To hear more of what Osnat had to say listen to the podcast
Where can I get it?
obtain it, for Android devices from play.google.com/music/podcasts
use the Enterprise Times page on Stitcher
listen to the Enterprise Times channel on Soundcloud
listen to the podcast (below) or download the podcast to your local device and then listen there