OpenShift Commons Briefing #73: Securing Applications on OpenShift and Kubernetes
May 26, 2017 | by
OpenShift Commons Briefing Summary
In this session, Aqua’s Tsvi Korren gives an overview of Aqua’s framework for effective application security in a containerized environment. It begins in the development process as images are built, continuing through assurance of image authorization, and protects running containers.
Even in containers, application security still matters. Running applications in containers means that many processes need to change. And security is no exception. Beyond the security and configuration of the container platform, there are implications to the security of the application development, the way it runs, and how it is protected in production.
The very first line in a Docker file: FROM, is where security begins. The choice of the base image, the prerequisite components, and the configuration of the image all impact the security of the eventual container.
Security considerations are necessary when images are pulled and used. Are the images certified to run? Do they pass the risk criteria of the organization? A containerized environment still requires the demonstration of control for compliance reasons and for the overall security of the application.
And as containers run there are requirements to monitor their behavior, prevent modifications, and protect them from unauthorized actions.
In this presentation, Tsvi outlines the security considerations and demos how Aqua's framework helps to alleviate these issues.
Learn More at the Next OpenShift Commons Gathering in Austin Dec 5th
Red Hatters, CNCF/Kubernetes project leads and numerous other members of the OpenShift Commons will be gathering together in Berlin for the upcoming OpenShift Commons Gathering co-located with Kubecon at the Austin Convention Center. Register now to reserve your seat at this day long event!
Don't forget to leave your feedback and suggestions for each video on YouTube or in the comments section below. This will be incredibly important to shape this Special Interest Group and create sessions that fit the demands of all the OpenShift developers in the community.
About OpenShift Commons
OpenShift Commons is the place for organizations that are part of the OpenShift community to connect with peers and other related open source technology communities to communicate and collaborate across all OpenShift projects and stakeholders.
The Commons' goal is to foster collaboration and communication between OpenShift stakeholders to drive success for all members, and expand & facilitate points of connection between members for sharing knowledge and experience to help drive success for the platform and for participants: customers, users, partners, and contributors.
Overview The policy framework in Red Hat Advanced Cluster Management for Kubernetes (RHACM) is a powerful feature that help you to govern your configurations across multiple clusters. You can enforce ...