8
WHY YOU NEED TO RETHINK CONTAINER SECURITY Sasan Padidar FlawCheck

Why You Need to Rethink Container Security

Embed Size (px)

Citation preview

Page 1: Why You Need to Rethink Container Security

WHY YOU NEED TO RETHINK CONTAINER SECURITY

Sasan Padidar

FlawCheck

Page 2: Why You Need to Rethink Container Security

SASAN PADIDARFOUNDER & CTO

Former Chief Architect of Appthority, in charge of helping Appthority scale up mobile app program analysis from thousands of apps to millions of apps

MS in CS with a focus on Concurrency Theory, Theorem Proving, and Static Analysis

Previous experience working as a consultant to One King’s Lane, Facebook, and Google, to help them scale up

6 cybersecurity patents (additional in progress)

Thursday, January 14, 2016 CONFIDENTIAL & PROPRIETARY. COPYRIGHT 2016 © FLAWCHECK INC. ALL RIGHTS RESERVED 2

Page 3: Why You Need to Rethink Container Security

HOW CAN WE EXPEDITECONTAINER ADOPTION?

Thursday, January 14, 2016 CONFIDENTIAL & PROPRIETARY. COPYRIGHT 2016 © FLAWCHECK INC. ALL RIGHTS RESERVED 3

Page 4: Why You Need to Rethink Container Security

WHY YOU NEED TO RETHINKCONTAINER SECURITYBeing able to trust images & containers is key

Current security products are not designed for container ecosystems

Scalability is critical

Products serving containers need to be agile and flexible

Security products need to integrate tightly with the SDLC

Thursday, January 14, 2016 CONFIDENTIAL & PROPRIETARY. COPYRIGHT 2016 © FLAWCHECK INC. ALL RIGHTS RESERVED 4

Page 5: Why You Need to Rethink Container Security

BEGIN TO TRUST IMAGES

Thursday, January 14, 2016 CONFIDENTIAL & PROPRIETARY. COPYRIGHT 2016 © FLAWCHECK INC. ALL RIGHTS RESERVED 5

Page 6: Why You Need to Rethink Container Security

FLAWCHECK PRIVATE REGISTRY

Scalable solution for detecting vulnerabilities & malware in containers

Takes seconds per container (supports parallelization & concurrent analysis for limitless scale)

Runs in the public cloud, private cloud, on-premise, and air-gapped

Supports Docker and all major cloud & on-premise CI/CD platforms

Checks containers before containers reach production environments

Provides continuous monitoring of protected containers

Checkpoint inserted into the data pipeline to layer policy on top of containers

Thursday, January 14, 2016 CONFIDENTIAL & PROPRIETARY. COPYRIGHT 2016 © FLAWCHECK INC. ALL RIGHTS RESERVED 6

Page 7: Why You Need to Rethink Container Security

DEMO: TEARING APART CONTAINERS What did we find?

Thursday, January 14, 2016 CONFIDENTIAL & PROPRIETARY. COPYRIGHT 2016 © FLAWCHECK INC. ALL RIGHTS RESERVED 7

Page 8: Why You Need to Rethink Container Security

THANK YOU

Sasan Padidar

Founder & CTO

[email protected]

@spadidar

Are you using Docker in development environments but concerned about the security of running it in production?

Register today for FlawCheck Private Registry’s free plan, which includes vulnerability & malware inspection services for 1 private repository:

https://console.flawcheck.com/register

Thursday, January 14, 2016 CONFIDENTIAL & PROPRIETARY. COPYRIGHT 2016 © FLAWCHECK INC. ALL RIGHTS RESERVED 8


Why You Should Rethink Abortion

Why You Should Rethink Abortion

Health & Medicine
Rethink teach

Rethink teach

Education
WHY DO WE NEED TO RETHINK THE METHODS FOR SOCIO- … · WHY DO WE NEED TO RETHINK THE METHODS FOR SOCIO-ECONOMIC ASSESSMENT OF INFRASTRUCTURE PROJECTS? A SURVEY OF THE ACADEMIC LITERATURE

WHY DO WE NEED TO RETHINK THE METHODS FOR SOCIO- … · WHY DO WE NEED TO RETHINK THE METHODS FOR SOCIO-ECONOMIC ASSESSMENT OF INFRASTRUCTURE PROJECTS? A SURVEY OF THE ACADEMIC LITERATURE

Documents
ReThink: Why Housing Matters Progress to Date. 2 Agenda Background on HAI Group What Is ReThink? ReThink Impact to Date National Media Consumer Engagement

ReThink: Why Housing Matters Progress to Date. 2 Agenda Background on HAI Group What Is ReThink? ReThink Impact to Date National Media Consumer Engagement

Documents
Rethink business

Rethink business

Technology
Rethink Playland

Rethink Playland

Technology
The Global Tilt and Why You Must Rethink the Future of Medical Technology

The Global Tilt and Why You Must Rethink the Future of Medical Technology

Health & Medicine
Privacy Please: Why Retailers Need to Rethink Personalization

Privacy Please: Why Retailers Need to Rethink Personalization

Technology
Translating Media: Why We Should Rethink Textuality...2012/12/11  · N.Katherine Hayles Translating Media: Why We Should Rethink Textuality In “The Don Quixote of Pierre Menard,”

Translating Media: Why We Should Rethink Textuality...2012/12/11  · N.Katherine Hayles Translating Media: Why We Should Rethink Textuality In “The Don Quixote of Pierre Menard,”

Documents
marketing RETHINK

marketing RETHINK

Business
Container Orchestration Solution - docs.adfinis … · Why container orchestration? Managing applications is hard Packaging applications is even harder Deploying applications is cumbersome

Container Orchestration Solution - docs.adfinis … · Why container orchestration? Managing applications is hard Packaging applications is even harder Deploying applications is cumbersome

Documents
Why we need to rethink what we know about development (and M&E)

Why we need to rethink what we know about development (and M&E)

Documents
Sealed Sterilization Container - MedcomTech Group · Sealed Sterilization Container. Why ONE TRAY®? Regulatory Compliance FDA Clearance: the patented ONE TRAY® Sealed Container

Sealed Sterilization Container - MedcomTech Group · Sealed Sterilization Container. Why ONE TRAY®? Regulatory Compliance FDA Clearance: the patented ONE TRAY® Sealed Container

Documents
Container shipping in times of COVID-19: Why freight rates ...CONTAINER SHIPPING IN TIMES OF COVID-19: WHY FREIGHT RATES HAVE SURGED, AND IMPLICATIONS FOR POLICY BRIEF POLICYMAKERS

Container shipping in times of COVID-19: Why freight rates ...CONTAINER SHIPPING IN TIMES OF COVID-19: WHY FREIGHT RATES HAVE SURGED, AND IMPLICATIONS FOR POLICY BRIEF POLICYMAKERS

Documents
WHY AVAYA’S PASSWORD SUMEDH HYGIENE ......2020/07/09  · 12 WHY PASSWORD HYGIENE MATTERS Sophos’ Paul Ducklin on why it’s time to rethink approaches toward password change 22

WHY AVAYA’S PASSWORD SUMEDH HYGIENE ......2020/07/09  · 12 WHY PASSWORD HYGIENE MATTERS Sophos’ Paul Ducklin on why it’s time to rethink approaches toward password change 22

Documents
Why it’s Time to Completely Rethink Physical Access Control System Architecture ·  · 2015-02-20Physical Access Control System Architecture ... WHITE PAPER Why It’s Time to

Why it’s Time to Completely Rethink Physical Access Control System Architecture ·  · 2015-02-20Physical Access Control System Architecture ... WHITE PAPER Why It’s Time to

Documents
Why Managed Service Providers Should Embrace Container Technology

Why Managed Service Providers Should Embrace Container Technology

Internet
‘the age of no retirement?’ RETHINK, rework & act» RETHINK: THE GENERATIONAL DIVIDE » RETHINK: DESIGN FOR POSITIVE CHANGE » RETHINK: THE LANGUAGE » RETHINK: CREATING AND SHARING

‘the age of no retirement?’ RETHINK, rework & act» RETHINK: THE GENERATIONAL DIVIDE » RETHINK: DESIGN FOR POSITIVE CHANGE » RETHINK: THE LANGUAGE » RETHINK: CREATING AND SHARING

Documents
Wiley New Booksepdf.gms.sg/pdfs/7LyPbPzbWV1rDj2D/pdf/full.pdf · 3 Total Rethink Why Entrepreneurs Should Act Like Revolutionaries David McCourt Rethink your way to a better life!

Wiley New Booksepdf.gms.sg/pdfs/7LyPbPzbWV1rDj2D/pdf/full.pdf · 3 Total Rethink Why Entrepreneurs Should Act Like Revolutionaries David McCourt Rethink your way to a better life!

Documents
ReTHINK PSU

ReTHINK PSU

Education
Managing Containers Easily on Oracle Public Cloudv2.itweb.co.za/.../ebook_Oracle_Container_Cloud_Service.pdf · 2017. 2. 6. · Container Cloud Service Overview Why Oracle Container

Managing Containers Easily on Oracle Public Cloudv2.itweb.co.za/.../ebook_Oracle_Container_Cloud_Service.pdf · 2017. 2. 6. · Container Cloud Service Overview Why Oracle Container

Documents
Why Advocates Need to Rethink Manufactured Housing€¦ · Why Advocates Need to Rethink Manufactured Housing Richard Genz Housing & Community Insight Abstract Manufactured homes

Why Advocates Need to Rethink Manufactured Housing€¦ · Why Advocates Need to Rethink Manufactured Housing Richard Genz Housing & Community Insight Abstract Manufactured homes

Documents
Rethink Marriage

Rethink Marriage

Documents
Why Container Management Platforms Are a Top Enterprise ... · Why Container Management Platforms Are a Top Enterprise Investment Priority I&O and cloud architects must consider the

Why Container Management Platforms Are a Top Enterprise ... · Why Container Management Platforms Are a Top Enterprise Investment Priority I&O and cloud architects must consider the

Documents
From complexity to simplicity: Why it’s time to rethink ... · A container consists of an entire runtime environment: an application, plus all the dependencies, libraries, and configuration

From complexity to simplicity: Why it’s time to rethink ... · A container consists of an entire runtime environment: an application, plus all the dependencies, libraries, and configuration

Documents
Why the New Drug Pipeline Will Make You Rethink Your

Why the New Drug Pipeline Will Make You Rethink Your

Documents
Rethink marketing

Rethink marketing

Documents
RETHINK ORGANIC A Circular Strategy for Organics WASTEcompost.org/English/PDF/Rethink Organic Waste Oct 2015 web.pdf · RETHINK ORGANIC WASTE 2 RETHINK ORGANIC WASTE The Canadian

RETHINK ORGANIC A Circular Strategy for Organics WASTEcompost.org/English/PDF/Rethink Organic Waste Oct 2015 web.pdf · RETHINK ORGANIC WASTE 2 RETHINK ORGANIC WASTE The Canadian

Documents
Why should RA & Fraud Managers rethink the way they manage their business?

Why should RA & Fraud Managers rethink the way they manage their business?

Technology
The manager dilemma: why we need to rethink our approach to management... and how to start

The manager dilemma: why we need to rethink our approach to management... and how to start

Business