Posts under Microservices security
“Keep Cloud Native Weird.” That was the motto of KubeCon + CloudNativeCon 2017, which I had the opportunity to attend last week in Austin. With the conference attracting more than 4,100 participants, hundreds of technical sessions, new project announcements, and key updates on existing initiatives, it is clear that the cloud native computing revolution continues to accelerate. Here are some of the highlights I found most interesting. KubeCon welcome mural
At StackRox, we’re thrilled to have the support of Ron Gula, an industry luminary and invaluable mentor to me for the past decade. Ron is a longtime leader in the security community, having started his career at the National Security Agency (NSA) conducting penetration tests of government networks and performing advanced vulnerability research. Ron is also an experienced entrepreneur, CTO, and CEO, as the original author of the Dragon Intrusion Detection System, CTO of Network Security Wizards (acquired by Enterasys Networks), and cofounder of Tenable Network Security, where he served as CEO from 2002-2016.
Forensics in the age of containers You’ve seen it countless times in television’s most popular dramas: professional investigators descend on the scene of a crime to meticulously record and analyze every detail and clue before anyone else can disrupt the scene. If the crime appears to be related to other ongoing cases, clues are tacked to the peg board back at headquarters. Only once all the pieces have been assembled do patterns emerge.
Why everyone from investors to the C-suite should consider container security Over the past few years, virtually all of the most innovative enterprise firms — from multinational banks like Goldman Sachs, to cutting-edge technology companies like Google — have set out to modernize the way they deliver software applications through containers and microservices architectures. By breaking down large applications into smaller, composable pieces, software developers and those in charge of managing applications have discovered that containers — and the microservices approach they enable — allow for software development that is far more agile, resilient, and efficient than traditional monolithic approaches.
Introduction Container technology has radically changed the way that applications are being developed and deployed. Notably, containers dramatically ease dependency management, so shipping new features or code is faster than ever before. While Docker containers and Kubernetes are great for DevOps, they also present new security challenges that both security practitioners and developers must understand and address with diligence. Docker’s team of security experts has built some valuable security features into the Docker platform over the last several years.
Shortly following our launch, I was a guest on Paul Asadoorian’s Startup Security Weekly show. In this episode, hear about how Sameer and I conceived the idea for the company, how we talked to investors about our ideas, and why our platform uniquely addresses the challenges of enterprises who are embracing containerization and microservices. We also discuss how enterprises are using StackRox to build security into the fabric of their infrastructures as they operationalize their use of containers and microservices.
On our launch day, Ali and I were guests on Derrick Harris’ ARCHITECHT Show. Check out this podcast to hear about the origin of StackRox, why CISOs personally invested in our company, what we think about microservices, and how we work with Docker. Episode 29: StackRox founders on making microservices secure ARCHITECHT Show, StackRox co-founders Sameer Bhalotra and Ali Golshan break down the state of container security and the new technology they have built to solve it.
It’s an exciting day in StackRox history - launching out of stealth mode, unveiling adaptive threat protection for containers, and announcing funding led by Sequoia Capital. We’re also launching our new website and blog today. We hope you’ll spend some time looking around: Read highlights of the StackRox platform Deep dive into the StackRox feature set Learn why Sequoia Capital is backing StackRox Read my letter on the team page about what drives StackRox Check our career page for current StackRox job openings Meet us at Black Hat next week, where we’ll be hosting a VIP customer appreciation event and discussing container security with the leaders of our field Sign up for notifications of new StackRox blog posts Visit us at stackrox.