Squeeks aside, this was very clear and informative. Question, could you drop a quick vid on container security, regarding communication? Something like your ideas on HTTP vs HTTPS between the containers and it's implications on securing deployments.
Dumb question, but i am fascinated with this presentation style. How can I do this without having to learn to draw and write backwards? Or is this being done in a mirror?
The main "attack surface" is not even mentioned: Missing isolation of the container from the host. There are not even any serious approaches for this. What you talk about has ALL nothing to do with docker. A system where you have to trust your hosting provider is not considered "safe". You hand over all - and I mean ALL - of your data and secrets to who ever runs your "server". This was impossible in earlier models where a root access was solely meant for the admin, NOT the ISP.
I am contemplating about doing a Master's Thesis on, "Security of container solutions and orchestration frameworks in the context of Industrial Control S ystem". Any suggestions on this.
Very well thought out and executed overview of the container threat landscape.
Squeeks aside, this was very clear and informative.
Question, could you drop a quick vid on container security, regarding communication?
Something like your ideas on HTTP vs HTTPS between the containers and it's implications on securing deployments.
Hi Nuno, thanks for watching! We'll look into your suggestions on HTTP and see what we can do for our future videos. Stay tuned! 👍
I wish I had similar presentation skills !!! Super Cool.
An advice: use an EQ on your audio track to lower the pencil sound. It's painful.
Very simplified video compering at key elements.
Thank u
That's what I was looking for, thank you !
great video to the point!
Clean and comprehensive content
Amazing intel, thanks for the source!
That squeaky sounds
The first time I watched an IBM Explainer video, my dog was confused hearing that sound. Lol
😂
0:45 0:45 0:45
0:45 0:45 0:45
0:45 0:45
Great deliverance. Helps me a lot to develop my knowledge to the relevant topic.
Thanks for the appreciation, glad it is useful to you! 👍
This is clear and inspired. Thank you
Is the host OS the only place you can run things like antivirus and file integrity monitoring?
Dumb question, but i am fascinated with this presentation style. How can I do this without having to learn to draw and write backwards? Or is this being done in a mirror?
Place a glass window between you and the camera. Mirror the screen in post-editing footage
every time you wrote with that marker, dogs started barking down the street...
You plan quantum computers but the pen is still creaking on the board 🤣🤣🤣
Sorry about that! We've gotten better at "de-squeaking" the audio since this was published two years ago.
can anyone response, if i have openshift does openshift provide central security tool that can tack care of all these things??
It is possible to use docker bench on containers inside kubernetes pods , if yes then how
The main "attack surface" is not even mentioned: Missing isolation of the container from the host.
There are not even any serious approaches for this.
What you talk about has ALL nothing to do with docker.
A system where you have to trust your hosting provider is not considered "safe".
You hand over all - and I mean ALL - of your data and secrets to who ever runs your "server".
This was impossible in earlier models where a root access was solely meant for the admin, NOT the ISP.
But why put applications in containers in the first place? It doesn't solve much, but it adds quite a lot of complexity.
more nitty gritty would be nice
The pen marker squeaks are driving me nuts ... wtf IBM, couldn't afford softer markers?
Thanks.
I am contemplating about doing a Master's Thesis on, "Security of container solutions and orchestration frameworks in the context of Industrial Control S ystem". Any suggestions on this.
My best suggestion is for your to conduct your research somewhere except TH-cam comments.
Just a reminder that IBM’s first attempt at cloud was buying the Weather Channel.
Correction: SE Linux is not an OS..
I’m fangirling!!!!!
This man is a legend ! Thank you for the insight.
The mark pen writing sounds like fingersnails scraping on a chalkboard.
Sorry. The squeaking. I can't deal.
hey !!!!!!!!!!!!!!!!!!!!!!!!!!! pleaseeeeeeeeeeee don't edit and put that chowlk noise it jst irritates me