Top 4 DockerCon 2017 Sessions


DockerCon 2017 is around the corner, starting in a few short days. Like most attendees, I look for the sessions that most impact my professional life. Lately that’s container security at production scale, and if you’ve dug into the topic in the past you’ll know it’s a bit messy! The following are the top four sessions I plan on attending, and why I think they’re important.

1. The Future is Cloud Native

I think this is a fair statement, but also a huge challenge. Over my career there have been many disruptive technologies and architectures. Individually they’ve led us to the concept of cloud native applications, but for many development teams and enterprises I speak to, there are challenges. Most agree that if you’re starting a new enterprise you’d be crazy not to embrace the precepts of “Cloud Native Applications” and microservices. If you’re coming from an existing enterprise with existing application stacks, getting from “what you have” to cloud native isn’t always that easy. I’m hoping this star panel will give some nuggets of wisdom I can use to ease the concerns my customers have over containerizing applications.


2. Containers – Part of a Balanced Diet for Successful IT

As part of enterprise migration to containerized service delivery, there is a natural hesitation with rapidly moving technologies like Docker. What gets lost in the discussion is the fact that Docker is based on the proven technology of Linux containers. This firm grounding stabilizes the security of containerized applications, enabling us to confidently deploy containerized applications at scale.



3. Securing Containers – One Patch at a Time

Patching systems is a well-defined process for enterprise operations teams. Patching containers involves an entirely different process, one that is complicated by scale. While most container orchestration solutions can help in the patching process, it’s important to understand why you need a well-defined container update procedure. This session promises to cover how container escapes can happen with a focus on CVE-2016-9962.


4. Secure Substrate – Least Privileged Container Deployment

While engineering teams are trained in concepts of least privilege, the reality is that when the pace of development is fast, security shortcuts are often the result. Compromising a container with elevated privileges can quickly grant access to information or capabilities that can facilitate additional attacks. If you’ve seen any of my talks or webinars, you’ve probably heard me talk about the “scope of compromise.” Preventing security beachheads from being created is a big topic for me, and I’ll be very interested in learning what additional measures I can take to limit the impact of any attack on my containers.


If you’re at DockerCon and would like to compare notes on container security, please do let me know. I'll be at Black Duck's booth #S6 or you can reach me on Twitter at @TiminTech. I’ve been working on a cool project that will be unveiled later this quarter, and if you ask about it, I might “leak” a few details ;)
