This event has ended. Visit the official site or create your own event on Sched.
September 11-14, 2017 - Los Angeles, CA
Click Here For Information & Registration
Back To Schedule
Wednesday, September 13 • 2:00pm - 2:40pm
A Question of Trust – When Good Containers Go Bad - Tim Mackey, Black Duck Software

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Containerization has increased the pace of application deployment, but has trust kept pace? Once an image is compromised, which applications are at risk and how far has trust been broken?
To answer this, we assert the container image came from a trusted source, and that our application was subject to static code analysis and the container to pen-testing. We further assert appropriate perimeter defenses and deployment controls are in place. While we have defined a trust model, we didn’t include the impact of information flow.
Vulnerability remediation is a function of awareness. To devise an action plan, defenders must assess the impact of a security issue. Malicious actors with early access to information can craft and refine attacks while defenders are reacting. Having a full inventory of container dependencies is key to increasing awareness and reducing reaction time from days to hours.

avatar for Tim Mackey

Tim Mackey

Senior Technical Evangelist, Black Duck by Synopsys
Tim Mackey is a technology evangelist for Black Duck Software specializing in the secure deployment of applications using virtualization, cloud and container technologies. Prior to joining Black Duck, Tim was most recently the community manager for XenServer and was part of the Citrix... Read More →

Wednesday September 13, 2017 2:00pm - 2:40pm PDT
Diamond Ballroom 7