Basel, Switzerland
October 10–11, 2018
Click Here For Information & Registration
Wednesday, October 10 • 15:10 - 15:40
Security Considerations for CF Container Runtime vs. CF Application Runtime - John Michealson, Aqua Security

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
The growing adoption of containers and the availability of scalable orchestration tools (e.g. Kubernetes) are creating opportunities to develop more agile, easy-to-update applications that combine stateful and stateless modes. The emerging architecture combines both modalities, that have very different security considerations and risk profiles. While CF Application Runtime is well-suited to 12-factor application development, CF Container Runtime is better for flexible, rapidly-updated apps that can scale-out specific parts of the application in a very elastic way. However, from a security standpoint, CFCR presents challenges in the form of 3rd party open-source inflow, developer-driven code changes, and frequent updates. It also presents benefits in the form of immutability, better network segmentation, and lack of persistence on the host (the notion we sometimes refer to as “reverse uptime”). In this talk I will describe how to approach these divergent needs, and demonstrate some of the methods and tools that can be used to mitigate risk without slowing down development.


John Michealson

Cloud Security Integration Architect, Aqua Security
John has been building, securing and managing enterprise networks and systems for 20 years. In his current role he assists Aqua Security customers with the design of secure container deployments and provides a conduit from customers to Aqua R&D. Most recently, he is spending most... Read More →

Wednesday October 10, 2018 15:10 - 15:40 CEST
Kairo 1 & 2