Microservices a security nightmare? GOTO Nights Zürich - March 3, 2016 Maximilian Container Solutions Switzerland
|
|
- Lee McCoy
- 5 years ago
- Views:
Transcription
1
2 Microservices a security nightmare? GOTO Nights Zürich - March 3, 2016 Maximilian Container Solutions Switzerland
3
4
5
6
7 Microservices (2016) small, hence many services talking over the network built with different technologies by autonomous teams with end-to-end responsibility doing DevOps and Continuous Delivery using containers
8 Microservices (2016) small, hence many services talking over the network built with different technologies by autonomous teams with end-to-end responsibility doing DevOps and Continuous Delivery using containers
9 Microservices are the result of combining architectural ideas from lightweight SOA and Domain Driven Design, organisational approaches like DevOps and Agile Software Development, and technology innovations like Containers and Programmable Infrastructure
10 Technology Architecture Organisation
11 Monolith
12 many small services
13 Monolith - method calls
14 Microservices - talking over the network
15 Monolith - few technologies Java 7 (1.7.0_03)
16 Microservices - built with different technologies Java 8 nodejs 0.9 Java 7 Ruby 2.1 Go 1.4
17 Security Gates vs
18 autonomous teams with end-to-end responsibility
19 dedicated security experts vs (ISC) 2
20 doing DevOps OWASP??
21 classic Security Sandwich vs Specification Implementation Validation
22 Continuous Delivery
23 well isolated real server vs
24 using containers
25 Attack surface - VMs vs containers XEN Hypervisor - 10^5 LOC Linux Kernel - 10^7 LOC
26
27
28 Highly coupled services No clear boundaries
29 Loosely coupled services Clear boundaries
30 many small services
31 impact of breach can be contained locally
32 Clear service boundaries limit the impact of breaches
33 Keep APIs minimal
34 Microservices have their own data store user_db payment_ data cat_ pictures (stateless) (stateless)
35 Microservices have their own data store user_db payment_ data cat_ pictures (stateless) (stateless)
36 Let the need-to-know principle guide your API design
37 different security levels should require different security properties in services, e.g. encryption, auth, security testing user_db payment_ data cat_ pictures (stateless) (stateless)
38 Classify services into distinct security levels
39 API Gateways API Gateway Access control Rate limiting HTTPS termination...
40 API Gateways API Gateway WAF Payment Svc.
41 Isolate services with different security levels through gateways
42 Authorization & Authentication
43 Authorization & Authentication
44 Use scalable auth techniques without single points of failure
45
46 Secrets management vaultproject.io square.github.io/keywhiz
47 Manage secrets with special purpose services
48
49 Freeze image for analysis payment service instance #2 docs upload service instance #1 payment service instance #1 payment service instance #1 bookmark manager instance #1 cat picture service instance #1 meme generator instance #1
50 Or even the running container (criu.org) payment service instance #2 docs upload service instance #1 payment service instance #1 payment service instance #1 bookmark manager instance #1 cat picture service instance #1 meme generator instance #1
51 Leverage container features for forensics
52 Scheduling constraints payment service instance #2 docs upload service instance #1 payment service instance #1 bookmark manager instance #1 cat picture service instance #1 meme generator instance #1
53 Run services of different security levels on different hosts
54 Replace containers on deploy payment service instance #2 docs upload service instance #1 payment service instance #3 bookmark manager instance #1 cat picture service instance #1 meme generator instance #1
55 Embrace immutable infrastructure
56 built with different technologies Java 8 nodejs 0.9 Java 7 Ruby 2.1 Go 1.4
57 Monocultures
58 Scanning images at rest Nautilus (Docker Inc.) Clair (CoreOS)
59 Scan images already during the build process
60 Container technology BSD Jails 2000 Solaris Zones 2004 LXC 2008 rkt chroot 2001 Virtuozzo Linux-VServer 2007 cgroups 2013 Docker
61 Docker security hardening read-only containers minimal base images drop capabilities traditional hardening (AppArmor, SELinux )... container-solutions.com/security
62 Minimise the attack surface of images and hosts
63 Unify & secure deployment methods Simple to add TLS Authentication Authorisation Logging & Auditing Image verification scp git rsync
64 Have a single, hardened method to deploy
65
66 end-to-end responsibility
67 Gates and Accountability
68 Security Sandwich and Autonomy Specification Implementation Validation
69 Security Sandwich and Autonomy
70 Trust Accountability Expertise Trust Autonomy & Entrepreneurship Collaboration & Support Idea from A.T. Kearny Analysis
71 Security aspects must become part of the Definition of Done
72 Rugged Software Manifesto ruggedsoftware.org
73 SecDevOps? SecOps? DevSec?
74
75 The role of IT Architects is already changing Now, the role of the Security Team needs to change
76 Accountability ensures security is built in, not bolted on
77 Avg: 103 days to fix a vulnerability
78 CD reduces reaction time
79 Leverage Continuous Delivery as a security feature
80 Test pyramid confidence UI tests Service Tests faster feedback Unit Tests from Succeeding with Agile (Mike Cohn)
81 Security-Test pyramid / AppSec pipeline confidence E2E security tests Vulnerability scanning faster feedback static code analysis
82 BDD style gauntlt.org continuumsecurity.net/bdd-intro.html
83 Have your test pyramid reflect security
84 Technology Architecture Organisation
85 Architecture Clear service boundaries limit the impact of breaches Let the need-to-know principle guide your API design Classify services into distinct security levels, which mandate different security properties Use scalable auth techniques without single points of failure Isolate services with different security levels with gateways Manage secrets in specialised services
86 Technology Run services of different security levels on different hosts Leverage container features for forensics Embrace immutable infrastructure Scan images as part of the build process Have a single, hardened method to deploy Minimise the attack surface of images and hosts
87 Organisation Leverage Continuous Delivery as a security feature Have your test pyramid reflect security Accountability ensures security is built in, not bolted on
88 Nightmare?
89 @schoefmann container-solutions.com
The four forces of Cloud Native
1 Aplicaciones Nativas En La Nube The four forces of Cloud Native Iñaki Borrero- Advisory vspecialist MEDI, Dell EMC @DellEMCForum 2 Containers Devops Confluence of 4 forces Agile 3 3 Microservices 4 4
More informationLogging, Monitoring, and Alerting
Logging, Monitoring, and Alerting Logs are a part of daily life in the DevOps world In security, we focus on particular logs to detect security anomalies and for forensic capabilities A basic logging pipeline
More informationDocker and Oracle Everything You Wanted To Know
Docker and Oracle Everything You Wanted To Know June, 2017 Umesh Tanna Principal Technology Sales Consultant Oracle Sales Consulting Centers(SCC) Bangalore Safe Harbor Statement The following is intended
More informationDevOps Anti-Patterns. Have the Ops team deal with it. Time to fire the Ops team! Let s hire a DevOps unit! COPYRIGHT 2019 MANICODE SECURITY
DevOps Anti-Patterns Have the Ops team deal with it. Time to fire the Ops team! Let s hire a DevOps unit! 31 Anti-Pattern: Throw it Over the Wall Development Operations 32 Anti-Pattern: DevOps Team Silo
More informationDevops, Docker and Security. John
Devops, Docker and Security John Willis @botchagalupe About Me https://github.com/botchagalupe/my-presentations One of the founding members of Devopsdays Co-author of the Devops Handbook. Author of the
More informationBUILDING MICROSERVICES ON AZURE. ~ Vaibhav
BUILDING MICROSERVICES ON AZURE ~ Vaibhav Gujral @vabgujral About Me Over 11 years of experience Working with Assurant Inc. Microsoft Certified Azure Architect MCSD, MCP, Microsoft Specialist Aspiring
More informationMurray Goldschmidt. Chief Operating Officer Sense of Security Pty Ltd. Micro Services, Containers and Serverless PaaS Web Apps? How safe are you?
Murray Goldschmidt Chief Operating Officer Sense of Security Pty Ltd Micro Services, Containers and Serverless PaaS Web Apps? How safe are you? A G E N D A 1 2 3 Serverless, Microservices and Container
More informationSecuring Microservices Containerized Security in AWS
Securing Microservices Containerized Security in AWS Mike Gillespie, Solutions Architect, Amazon Web Services Splitting Monoliths Ten Years Ago Splitting Monoliths Ten Years Ago XML & SOAP Splitting Monoliths
More informationSAINT LOUIS JAVA USER GROUP MAY 2014
SAINT LOUIS JAVA USER GROUP MAY 2014 STEVEN BORRELLI steve@borrelli.org @stevendborrelli ABOUT ME FIRST COMPUTER: SYSTEMS ENGINEERING MANAGEMENT FOUNDER, ASTERIS (JAN 2014) @ ORGANIZER OF STL MACHINE LEARNING
More informationTesting Microservices Techniques for Automation
Testing Microservices Techniques for Automation European Testing Conference 2018 Emily Bache @emilybache Emily Bache Practice Lead for Test Automation Consultant Author of The Coding Dojo Handbook @emilybache
More informationFlip the Switch to Container-based Clouds
Flip the Switch to Container-based Clouds B I L L B O R S A R I D I R E C T O R, S Y S T E M S E N G I N E E R I N G 1 November 2017 1 2017 Datera Datera at a Glance Founded 2013 Smart storage for clouds
More informationJava Architectures A New Hope. Eberhard Wolff
Java Architectures A New Hope Eberhard Wolff http://ewolff.com What happens with a talk titled like this? Architecture of Enterprise Java Apps How can I implement a new feature??? ! ECommerce System
More informationContainers, Serverless and Functions in a nutshell. Eugene Fedorenko
Containers, Serverless and Functions in a nutshell Eugene Fedorenko About me Eugene Fedorenko Senior Architect Flexagon adfpractice-fedor.blogspot.com @fisbudo Agenda Containers Microservices Docker Kubernetes
More informationIEEE Sec Dev Conference
IEEE Sec Dev Conference #23, Improving Attention to Security in Software Design with Analytics and Cognitive Techniques Jim Whitmore (former) IBM Distinguished Engineer Carlisle, PA jjwhitmore@ieee.org
More informationAzure DevOps. Randy Pagels Intelligent Cloud Technical Specialist Great Lakes Region
Azure DevOps Randy Pagels Intelligent Cloud Technical Specialist Great Lakes Region What is DevOps? People. Process. Products. Build & Test Deploy DevOps is the union of people, process, and products to
More informationTable of Contents 1.1. Introduction. Overview of vsphere Integrated Containers 1.2
Table of Contents Introduction Overview of vsphere Integrated Containers 1.1 1.2 2 Overview of vsphere Integrated Containers This document provides an overview of VMware vsphere Integrated Containers.
More information[Docker] Containerization
[Docker] Containerization ABCD-LMA Working Group Will Kinard October 12, 2017 WILL Kinard Infrastructure Architect Software Developer Startup Venture IC Husband Father Clemson University That s me. 2 The
More informationOracle Application Container Cloud
Oracle Application Container Cloud Matthew Baldwin Principal Product Manager Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes
More informationTravis Cardwell Technical Meeting
.. Introduction to Docker Travis Cardwell Tokyo Linux Users Group 2014-01-18 Technical Meeting Presentation Motivation OS-level virtualization is becoming accessible Docker makes it very easy to experiment
More informationMODERN IT ARCHITECTURE
MODERN IT ARCHITECTURE 2 ABOUT ME 3 ABOUT ME AGENDA 1. KEY CONCEPTS Microservices, containers, etc. 2. HOLISTIC VIEW Making businesses agile 3. ARCHITECTURE Faster, flatter, and more flexible 4. LAB MATERIALS
More informationWHITEPAPER. Embracing Containers & Microservices for future-proof application modernization
WHITEPAPER Embracing Containers & Microservices for future-proof application modernization The need for application modernization: Legacy applications are typically based on a monolithic design, which
More informationExam C Foundations of IBM Cloud Reference Architecture V5
Exam C5050 287 Foundations of IBM Cloud Reference Architecture V5 1. Which cloud computing scenario would benefit from the inclusion of orchestration? A. A customer has a need to adopt lean principles
More informationDeployment Patterns using Docker and Chef
Deployment Patterns using Docker and Chef Sandeep Chellingi Sandeep.chellingi@prolifics.com Agenda + + Rapid Provisioning + Automated and Managed Deployment IT Challenges - Use-cases What is Docker? What
More information개발자와운영자를위한 DevOps 플랫폼 OpenShift Container Platform. Hyunsoo Senior Solution Architect 07.Feb.2017
개발자와운영자를위한 DevOps 플랫폼 OpenShift Container Platform Hyunsoo Kim(hykim@redhat.com) Senior Solution Architect 07.Feb.2017 1 Agenda 1. What is DevOps? 2. Platform as a Service(PaaS) 3. Build & Deploy on PaaS
More informationDevSecOps Why Aren t You Doing It? Brian Liceaga, CISSP 1
DevSecOps Why Aren t You Doing It? Brian Liceaga, CISSP 1 Agenda State of DevOps Value of DevOps Benefitting from DevOps DevSecOps What you can do as InfoSec 2 The State of DevOps - 2017 Automation is
More informationMODERN APPLICATION ARCHITECTURE DEMO. Wanja Pernath EMEA Partner Enablement Manager, Middleware & OpenShift
MODERN APPLICATION ARCHITECTURE DEMO Wanja Pernath EMEA Partner Enablement Manager, Middleware & OpenShift COOLSTORE APPLICATION COOLSTORE APPLICATION Online shop for selling products Web-based polyglot
More informationAWS Integration Guide
AWS Integration Guide Cloud-Native Security www.aporeto.com AWS Integration Guide Aporeto integrates with AWS to help enterprises efficiently deploy, manage, and secure applications at scale and the compute
More informationMicroservices on AWS. Matthias Jung, Solutions Architect AWS
Microservices on AWS Matthias Jung, Solutions Architect AWS Agenda What are Microservices? Why Microservices? Challenges of Microservices Microservices on AWS What are Microservices? What are Microservices?
More informationElizabeth Lawler CEO & Co-Founder Conjur,
SESSION ID: ASD-W02 Is DevOps Breaking Your Company? Elizabeth Lawler CEO & Co-Founder Conjur, Inc. @elizabethlawler Agenda I. Security + DevOps Overview Unstoppable Force vs Immovable Object Aligning
More informationTEN LAYERS OF CONTAINER SECURITY
TEN LAYERS OF CONTAINER SECURITY Tim Hunt Kirsten Newcomer May 2017 ABOUT YOU Are you using containers? What s your role? Security professionals Developers / Architects Infrastructure / Ops Who considers
More informationNevin Dong 董乃文 Principle Technical Evangelist Microsoft Cooperation
Nevin Dong 董乃文 Principle Technical Evangelist Microsoft Cooperation Microservices Autonomous API Gateway Events Service Discovery Circuit Breakers Commands Aggregates Bounded Context Event Bus Domain Events
More informationOS Virtualization. Linux Containers (LXC)
OS Virtualization Emulate OS-level interface with native interface Lightweight virtual machines No hypervisor, OS provides necessary support Referred to as containers Solaris containers, BSD jails, Linux
More informationAGILE RELIABILITY WITH RED HAT IN THE CLOUDS YOUR SOFTWARE LIFECYCLE SPEEDUP RECIPE. Lutz Lange - Senior Solution Architect Red Hat
AGILE RELIABILITY WITH RED HAT IN THE CLOUDS YOUR SOFTWARE LIFECYCLE SPEEDUP RECIPE Lutz Lange - Senior Solution Architect Red Hat Digital Transformation It requires an evolution in. Applications Infrastructure
More informationDevOps on AWS Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS Deep Dive on Continuous Delivery and the AWS Developer Tools Woody Borraccino, AWS Solutions Architect May 4, 2016, Stockholm 2016, Amazon Web Services, Inc. or its Affiliates. All rights
More informationISLET: Jon Schipp, AIDE jonschipp.com. An Attempt to Improve Linux-based Software Training
ISLET: An Attempt to Improve Linux-based Software Training Jon Schipp, AIDE 2015 jonschipp@gmail.com, @Jonschipp, jonschipp.com About me: Security Engineer for the National Center for Supercomputing Applications
More informationA U.S. based so,ware development and technical consul9ng company. Technical Capabilities Overview
A U.S. based so,ware development and technical consul9ng company Technical Capabilities Overview Overview Team Software Engineers, supported by full QA team authoring automated tests All located in single
More informationOne year of Deploying Applications for Docker, CoreOS, Kubernetes and Co.
One year of Deploying Applications for Docker, CoreOS, Kubernetes and Co thomas@endocode.com HI! Thomas Fricke thomas@endocode.com CTO Endocode System Automation DevOps Cloud, Database and Software Architect
More informationAccelerate at DevOps Speed With Openshift v3. Alessandro Vozza & Samuel Terburg Red Hat
Accelerate at DevOps Speed With Openshift v3 Alessandro Vozza & Samuel Terburg Red Hat IT (R)Evolution Red Hat Brings It All Together What is Kubernetes Open source container cluster manager Inspired by
More informationAmir Zipory Senior Solutions Architect, Redhat Israel, Greece & Cyprus
Amir Zipory Senior Solutions Architect, Redhat Israel, Greece & Cyprus amirz@redhat.com TODAY'S IT CHALLENGES IT is under tremendous pressure from the organization to enable growth Need to accelerate,
More informationMicroservices Architekturen aufbauen, aber wie?
Microservices Architekturen aufbauen, aber wie? Constantin Gonzalez, Principal Solutions Architect glez@amazon.de, @zalez 30. Juni 2016 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
More informationContainer Deployment and Security Best Practices
Container Deployment and Security Best Practices How organizations are leveraging OpenShift, Quay, and Twistlock to deploy, manage, and secure a cloud native environment. John Morello CTO Twistlock Dirk
More informationCloud-Native Applications. Copyright 2017 Pivotal Software, Inc. All rights Reserved. Version 1.0
Cloud-Native Applications Copyright 2017 Pivotal Software, Inc. All rights Reserved. Version 1.0 Cloud-Native Characteristics Lean Form a hypothesis, build just enough to validate or disprove it. Learn
More informationAPI, DEVOPS & MICROSERVICES
API, DEVOPS & MICROSERVICES RAPID. OPEN. SECURE. INNOVATION TOUR 2018 April 26 Singapore 1 2018 Software AG. All rights reserved. For internal use only THE NEW ARCHITECTURAL PARADIGM Microservices Containers
More informationSECURITY-AS-A-SERVICE BUILT FOR AWS
SOLUTION BRIEF: SECURITY-AS-A-SERVICE BUILT FOR AWS Alert Logic Security-as-a-Service solutions integrate cloud-based software, analytics and expert services to assess, detect and block workload threats
More informationCloud Native Security. OpenShift Commons Briefing
Cloud Native Security OpenShift Commons Briefing Amir Sharif Co-Founder amir@aporeto.com Cloud Native Applications Challenge Security Change Frequency x 10x 100x 1,000x Legacy (Pets) Servers VMs Cloud
More informationApplying Container Technology to the Virtualized Ground System
Applying Container Technology to the Virtualized Ground System GSAW 2017 Looking Beyond the Horizon Richard Monteleone 2017 by RT LOGIC Inc. Published by The Aerospace Corporation with permission All brands
More informationMicroservice Deployment. Software Engineering II Sharif University of Technology MohammadAmin Fazli
Microservice Software Engineering II Sharif University of Technology MohammadAmin Fazli Topics Continuous Integration & Microservices Continuous Delivery Artifacts Custom Images Environments Service Configuration
More informationSecuring Cloud Applications with a Distributed Web Application Firewall Riverbed Technology
Securing Cloud Applications with a Distributed Web Application Firewall www.riverbed.com 2013 Riverbed Technology Primary Target of Attack Shifting from Networks and Infrastructure to Applications NETWORKS
More informationContinuous Testing at Scale
Continuous Testing at Scale TAPOST Conference October 12th 2016, Riga dmitry@buzdin.lv @buzdin Dmitry Buzdin Introduction to Continuous Testing Continuous Delivery Get changes to production in fast and
More informationTable of Contents 1.1. Overview. Containers, Docker, Registries vsphere Integrated Containers Engine
Table of Contents Overview Containers, Docker, Registries vsphere Integrated Containers Engine Management Portal Registry Roles and Personas 1.1 1.1.1 1.1.2 1.1.2.1 1.1.2.2 1.1.2.3 1.1.2.4 2 Overview of
More informationRed Hat OpenShift Roadmap Q4 CY16 and H1 CY17 Releases. Lutz Lange Solution
Red Hat OpenShift Roadmap Q4 CY16 and H1 CY17 Releases Lutz Lange Solution Architect @AtomicContainer OpenShift Roadmap OpenShift Container Platform 3.2 Kubernetes 1.2 & Docker 1.9
More informationViryaOS RFC: Secure Containers for Embedded and IoT. A proposal for a new Xen Project sub-project
ViryaOS RFC: Secure Containers for Embedded and IoT A proposal for a new Xen Project sub-project Stefano Stabellini @stabellinist The problem Package applications for the target Contain all dependencies
More informationIndustry-leading Application PaaS Platform
Industry-leading Application PaaS Platform Solutions Transactional Apps Digital Marketing LoB App Modernization Services Web Apps Web App for Containers API Apps Mobile Apps IDE Enterprise Integration
More informationMOBILIZING AND SECURING RED HAT JBOSS BPM SUITE & BRMS
MOBILIZING AND SECURING RED HAT JBOSS BPM SUITE & BRMS Maggie Hu - Sr. Middleware Specialist Solution Architect, Red Hat Ken Spokas - Technical Director, Vizuri Yossi Koren - Sr. Solution Architect, Middleware
More informationHi! NET Developer Group Braunschweig!
Hi! NET Developer Group Braunschweig! Über Tobias Dipl. Informatiker (FH) Passionated Software Developer Clean Code Developer.NET Junkie.NET User Group Lead Microsoft PFE Software Development Twitter @Blubern
More informationCLOUD SECURITY SPECIALIST Certification. Cloud Security Specialist
CLOUD SECURITY SPECIALIST Certification Cloud Security The Cloud Professional (CCP) program from Arcitura is dedicated to excellence in the fields of cloud computing technology, mechanisms, platforms,
More informationMARCH Secure Software Development WHAT TO CONSIDER
MARCH 2017 Secure Software Development WHAT TO CONSIDER Table of Content Introduction... 2 Background... 3 Problem Statement... 3 Considerations... 4 Planning... 4 Start with security in requirements (Abuse
More informationBrochure. Security. Fortify on Demand Dynamic Application Security Testing
Brochure Security Fortify on Demand Dynamic Application Security Testing Brochure Fortify on Demand Application Security as a Service Dynamic Application Security Testing Fortify on Demand delivers application
More informationICAgile Learning Roadmap Agile Testing Track
ICAgile Learning Roadmap Agile Testing Track The work in this document was facilitated by the International Consortium for Agile (ICAgile) and done by the contribution of various Agile Experts and Practitioners.
More informationCS 470 Spring Virtualization and Cloud Computing. Mike Lam, Professor. Content taken from the following:
CS 470 Spring 2018 Mike Lam, Professor Virtualization and Cloud Computing Content taken from the following: A. Silberschatz, P. B. Galvin, and G. Gagne. Operating System Concepts, 9 th Edition (Chapter
More informationDyadic Security Enterprise Key Management
Dyadic Security Enterprise Key Management The Secure-as-Hardware Software with a Mathematical Proof Dyadic Enterprise Key Management (EKM) is the first software-only key management and key protection system
More informationDocker and HPE Accelerate Digital Transformation to Enable Hybrid IT. Steven Follis Solutions Engineer Docker Inc.
Docker and HPE Accelerate Digital Transformation to Enable Hybrid IT Steven Follis Solutions Engineer Docker Inc. Containers are the Fastest Growing Cloud Enabling Technology Title source: 451 Research
More informationCLOUD WORKLOAD SECURITY
SOLUTION OVERVIEW CLOUD WORKLOAD SECURITY Bottom line: If you re in IT today, you re already in the cloud. As technology becomes an increasingly important element of business success, the adoption of highly
More informationBest Practices for Cloud Security at Scale. Phil Rodrigues Security Solutions Architect Amazon Web Services, ANZ
Best Practices for Cloud Security at Scale Phil Rodrigues Security Solutions Architect Web Services, ANZ www.cloudsec.com #CLOUDSEC Best Practices for Security at Scale Best of the Best tips for Security
More informationP a g e 1. Teknologisk Institut. Online kursus k SysAdmin & DevOps Collection
P a g e 1 Online kursus k72751 SysAdmin & DevOps Collection P a g e 2 Title Estimated Duration (hrs) Ruby on Rails - Fundamentals 1,5 Ruby on Rails - Database Fundamentals 1,22 Python: The Basics 3,5 Python:
More informationEE 660: Computer Architecture Cloud Architecture: Virtualization
EE 660: Computer Architecture Cloud Architecture: Virtualization Yao Zheng Department of Electrical Engineering University of Hawaiʻi at Mānoa Based on the slides of Prof. Roy Campbell & Prof Reza Farivar
More informationRed Hat Roadmap for Containers and DevOps
Red Hat Roadmap for Containers and DevOps Brian Gracely, Director of Strategy Diogenes Rettori, Principal Product Manager Red Hat September, 2016 Digital Transformation Requires an evolution in... 2 APPLICATIONS
More informationContainer Adoption for NFV Challenges & Opportunities. Sriram Natarajan, T-Labs Silicon Valley Innovation Center
Container Adoption for NFV Challenges & Opportunities Sriram Natarajan, T-Labs Silicon Valley Innovation Center Virtual Machine vs. Container Stack KVM Container-stack Libraries Guest-OS Hypervisor Libraries
More informationDevelopment. Architecture QA. Operations
Development Architecture QA Operations Lack of business agility Slow to onboard new customers Hard to practice true DevOps Outpaced by disruptors Rogue dev projects Lack of SecOps agility Slow threat assessments
More informationIBM Watson Content Hub. Architecture Overview
IBM Watson Content Hub Architecture Overview Watson Content Hub supports a new omni-channel approach with a headless CMS Treat content as a system of record Separated content & presentation Access content
More informationTechnical Brief Distributed Trusted Computing
Technical Brief Distributed Trusted Computing Josh Wood Look inside to learn about Distributed Trusted Computing in Tectonic Enterprise, an industry-first set of technologies that cryptographically verify,
More informationCloud Customer Architecture for Securing Workloads on Cloud Services
Cloud Customer Architecture for Securing Workloads on Cloud Services http://www.cloud-council.org/deliverables/cloud-customer-architecture-for-securing-workloads-on-cloud-services.htm Webinar April 19,
More informationSecuring Modern API and Microservice Based Applications by Design A closer look at security concerns for modern applications Farshad Abasi / Forward
Securing Modern API and Microservice Based Applications by Design A closer look at security concerns for modern applications Farshad Abasi / Forward Security / 2018-11-22 About Me Farshad Abasi Based in:
More informationKEY TAKEAWAYS. Containers are expected to grow exponentially over the next couple of years.
CONTAINER SECURITY: A BEST PRACTICES GUIDE // 2 Container popularity grew significantly in 2017 and it s currently positioned to continue its growth into 2019 and beyond. According to data from the 451
More informationMicrosoft Architecting Microsoft Azure Solutions.
Microsoft 70-535 Architecting Microsoft Azure Solutions https://killexams.com/pass4sure/exam-detail/70-535 QUESTION: 106 Your organization has developed and deployed several Azure App Service Web and API
More informationMicroservices Beyond the Hype. SATURN San Diego May 3, 2016 Paulo Merson
Microservices Beyond the Hype SATURN San Diego May 3, 2016 Paulo Merson Our goal Try to define microservice Discuss what you gain and what you lose with microservices 2 Defining Microservice Unfortunately
More informationWelcome to Docker Birthday # Docker Birthday events (list available at Docker.Party) RSVPs 600 mentors Big thanks to our global partners:
Docker Birthday #3 Welcome to Docker Birthday #3 2 120 Docker Birthday events (list available at Docker.Party) 7000+ RSVPs 600 mentors Big thanks to our global partners: Travel Planet 24 e-food.gr The
More informationLINUX CONTAINERS. Where Enterprise Meets Embedded Operating Environments WHEN IT MATTERS, IT RUNS ON WIND RIVER
Where Enterprise Meets Embedded Operating Environments WHEN IT MATTERS, IT RUNS ON WIND RIVER EXECUTIVE SUMMARY Flexible and connected platforms are core components in leading computing fields, including
More informationHow Container Runtimes matter in Kubernetes?
How Container Runtimes matter in Kubernetes? Kunal Kushwaha NTT OSS Center About me Works @ NTT Open Source Software Center Contributes to containerd and other related projects. Docker community leader,
More informationBasic Concepts of the Energy Lab 2.0 Co-Simulation Platform
Basic Concepts of the Energy Lab 2.0 Co-Simulation Platform Jianlei Liu KIT Institute for Applied Computer Science (Prof. Dr. Veit Hagenmeyer) KIT University of the State of Baden-Wuerttemberg and National
More informationRED HAT OPENSHIFT A FOUNDATION FOR SUCCESSFUL DIGITAL TRANSFORMATION
RED HAT OPENSHIFT A FOUNDATION FOR SUCCESSFUL DIGITAL TRANSFORMATION Stephanos D Bacon Product Portfolio Strategy, Application Platforms Stockholm, 13 September 2017 1 THE PATH TO DIGITAL LEADERSHIP IT
More informationHow to Re-Architect without Breaking Stuff (too much) Owen Garrett March 2018
How to Re-Architect without Breaking Stuff (too much) Owen Garrett March 2018 owen@nginx.com All problems in computer science can be solved by another layer of indirection --- David Wheeler, FRS This giant
More informationTwilio cloud communications SECURITY
WHITEPAPER Twilio cloud communications SECURITY From the world s largest public companies to early-stage startups, people rely on Twilio s cloud communications platform to exchange millions of calls and
More informationApigee Edge Developer Training
Training Training DURATION: 4 or 5 days FORMAT: Instructor-led with labs DELIVERY: Public or Private class PREREQUISITES: None HOW IT WORKS: Days 1 4 cover the fundamentals of developing and securing s
More informationSECURITY-AS-A-SERVICE BUILT FOR MICROSOFT AZURE
Alert Logic Virtual Machines are Microsoft Azure Certified to ensure compatibility with the Azure platform. SOLUTION BRIEF: SECURITY-AS-A-SERVICE BUILT FOR MICROSOFT AZURE Alert Logic Security-as-a-Service
More informationDXC Technology and VMware: Innovation that Transforms
DXC Technology and VMware: Innovation that Transforms DXC and VMware for Digital Transformation Digital transformation is the talk of IT today, and although driven by technology, the focus is on real,
More informationA JOURNEY TO THE CLOUD
Container Solutions Zoover Case Study A JOURNEY TO THE CLOUD Building a continuously delivered, container packaged, microservice oriented and dynamically managed cloud native system. CHALLENGE Zoover,
More informationApplication Security at Scale
Jake Marcinko Standards Manager, PCI Security Standards Council Jeff Williams CTO, Contrast Security Application Security at Scale AppSec at Scale Delivering Timely Security Solutions / Services to Meet
More informationLessons Learned: Deploying Microservices Software Product in Customer Environments Mark Galpin, Solution Architect, JFrog, Inc.
Lessons Learned: Deploying Microservices Software Product in Customer Environments Mark Galpin, Solution Architect, JFrog, Inc. Who s speaking? Mark Galpin Solution Architect @jfrog magalpin Microservices
More informationKubernetes made easy with Docker EE. Patrick van der Bleek Sr. Solutions Engineer NEMEA
Kubernetes made easy with Docker EE Patrick van der Bleek Sr. Solutions Engineer NEMEA Docker Enterprise Edition is More than Containers + Orchestration... DOCKER ENTERPRISE EDITION Kubernetes integration
More informationSYMANTEC DATA CENTER SECURITY
SYMANTEC DATA CENTER SECURITY SYMANTEC UNIFIED SECURITY STRATEGY Users Cyber Security Services Monitoring, Incident Response, Simulation, Adversary Threat Intelligence Data Threat Protection Information
More informationDevOps Tooling from AWS
DevOps Tooling from AWS What is DevOps? Improved Collaboration - the dropping of silos between teams allows greater collaboration and understanding of how the application is built and deployed. This allows
More informationFROM VSTS TO AZURE DEVOPS
#DOH18 FROM VSTS TO AZURE DEVOPS People. Process. Products. Gaetano Paternò @tanopaterno info@gaetanopaterno.it 2 VSTS #DOH18 3 Azure DevOps Azure Boards (ex Work) Deliver value to your users faster using
More informationIntroduction to virtualisation, hardware, cloud, containers, unikernels, microkernels. and everything else
Introduction to virtualisation, hardware, cloud, containers, unikernels, microkernels. and everything else What s driving us? Smaller Faster Efficient Secure Cloud, infrastructure and virtualisation Smaller,
More informationDocker and Security. September 28, 2017 VASCAN Michael Irwin
Docker and Security September 28, 2017 VASCAN Michael Irwin Quick Intro - Michael Irwin 2011 - Graduated (CS@VT); started full-time at VT Sept 2015 - Started using Docker for QA June 2016 - Attended first
More informationMicroservice Powered Orchestration
Microservice Powered Orchestration Huabing Zhao ZTE, System Engineer, Network Management &, OPEN-O Common PTL zhao.huabing@zte.com.cn Zhaoxing Meng ZTE, NFV&SDN Architect, Network Management &, OPEN-O
More information, Inc
Monthly Research SELinux in Virtualization and Containers, Inc http://www.ffri.jp Ver 1.00.02 1 SELinux in Virtualization and Containers Virtualization security with SELinux Threat model of operating system
More informationManaging Data at Scale: Microservices and Events. Randy linkedin.com/in/randyshoup
Managing Data at Scale: Microservices and Events Randy Shoup @randyshoup linkedin.com/in/randyshoup Background VP Engineering at Stitch Fix o Combining Art and Science to revolutionize apparel retail Consulting
More informationContainer in Production : Openshift 구축사례로 이해하는 PaaS. Jongjin Lim Specialist Solution Architect, AppDev
Container in Production : Openshift 구축사례로 이해하는 PaaS Jongjin Lim Specialist Solution Architect, AppDev jonlim@redhat.com Agenda Why Containers? Solution : Red Hat Openshift Container Platform Enterprise
More informationCloud Security Strategy - Adapt to Changes with Security Automation -
SESSION ID: CMI-F03 Cloud Security Strategy - Adapt to Changes with Security Automation - Hayato Kiriyama Security Solutions Architect Amazon Web Services Japan K.K. @hkiriyam1 Agenda New Normal of Security
More information