In the talk we will look at the different layers of security that can be applied to a container ecosystem, and at the responsibility each team in that ecosystem has for delivering security.
From the sysadmin's point of view: how do I make sure the container daemon is secured, and what official hardening guides are out there to follow? From an application developer's point of view: how do seccomp and AppArmor work to make sure that only the application's processes have access to the host machine? Now that we have the local container secured, how do we make sure our deployments follow the same structure and security profiles? Can we add security checks to our container CD pipeline, like we would quality gates? Lastly, we will look at it from the security team's point of view. How can they have input into all the steps we have taken from the beginning of the process, and not just at the end? This allows all the teams to work together, breaking down silos to deliver a solution.