Adopting containers can be intimidating to anyone, but if you’re on the security team, it can feel like yet another technology that you’re now responsible for. Containers are meant to be short-lived, frequently redeployed, and immutable. They enable you to patch your environment more easily, identify when you’re affected by a new vulnerability, and enforce governance for what is deployed in your environment—containers provide a fundamentally different security model, and that’s a good thing.
Maya Kaczorowski covers how containers change your development pipeline and how this helps, rather than hurts, your overall security model. She dives into how this specifically helps with vulnerability discovery, securing your software supply chain, and isolation. You’ll leave able to engage your security team on how to better do DevSecOps or continuous security.
Maya Kaczorowski is a product manager in security and privacy at Google, focused on container security. Previously, she worked on encryption at rest and encryption key management. She was also an engagement manager at McKinsey & Company, working in IT security for large enterprises, and she completed her master’s in mathematics, focusing on cryptography and game theory. She’s bilingual in English and French. Outside of work, Maya is passionate about ice cream—making ice cream for friends at home, attending the Penn State Ice Cream Short Course in January 2014, and researching ice cream headaches. She also enjoys puzzling, running, and reading nonfiction.
©2019, O'Reilly Media, Inc. • (800) 889-8969 or (707) 827-7019 • Monday-Friday 7:30am-5pm PT • All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners. • firstname.lastname@example.org