Attending this event?
Amsterdam, The Netherlands
August 13–August 16, 2020

Learn More and Register to Attend This Event
Saturday, August 15 • 14:25 - 15:00
In a Container, Nobody Hears Your Screams: Next Generation Process Isolation - Andrew Martin, ControlPlane

Sign up or log in to save this to your schedule and see who's attending!

Is it ever safe to run untrusted code in containers? Should process isolation keep workloads in, or attackers out? What would it take to run a malware test lab in Kubernetes?

With fast startup times and consistent execution environments containers beat traditionally slow, monolithic VMs -- but with the advancement of micro VMs the boundaries have become blurred. It is increasingly difficult to know which isolation technology to choose for our next application. Can we run different workloads in different “container” types -- on the same cluster?

In this talk we:
- examine the history of trying to safely run unsafe processes
- compare and contrast the emerging generation of process isolation and security techniques
- rationalise the design decisions that drive each project
- demo how to break in, out, and learn about what workloads are best suited to run in each technology

avatar for Andrew Martin

Andrew Martin

Director, ControlPlane
Andrew has an incisive security engineering ethos gained building and destroying high-traffic web applications. Proficient in systems development, testing, and operations, he is comfortable profiling and securing every tier of a bare metal or cloud native system, and has battle-hardened... Read More →

Saturday August 15, 2020 14:25 - 15:00
Feedback form isn't open yet.

Attendees (63)

Twitter Feed