1800 - Food, Drinks, & Networking
1830 - Container Security with Rory McCune
1900 - Bringing data into the circle of control - Data management is killing
your velocity! with Mark Coleman
Container Security with Rory McCune
A couple of years ago the Docker container runtime was the main way to execute application containers on Linux, but since then a number of alternatives have emerged on Linux and Windows, offering a variety of options for getting containers running and promising enhanced security to get round the bogeyman of "containers don't contain".
This talk will look at some of the details of how Docker works and the alternatives that are emerging including gVisor, Kata Containers and options for running containers on Windows.
Bringing data into the circle of control - Data management is killing your velocity!
Data management issues cause tremendous pain throughout the software development life cycle, and the increased adoption of cloud native computing practices is exacerbating the problem as applications change faster and employ multiple databases behind their microservices. Version control and software testing allow you to control your code, immutable infrastructure allows you to tame your infrastructure, but data is largely still managed using a set of flaky and disparate tools and practices. In this talk we’ll highlight three areas where data is causing software teams to grind to a halt and will explain why this is happening. Finally, we’ll introduce dotmesh an open source tool that we’ve developed which we think starts to address these issues.
Rory has worked in the Information and IT Security arena for the last 18 years in a variety of roles, from financial services, to running a small testing company, to working for large companies as a consultant. These days he spends most of his work time on application, cloud and container security. He's is an active contributor to the container security world, helping with the CIS Docker and Kubernetes guides and working on a Kubernetes Security Scanner.
He has presented on application, container and general IT Security topics at a wide range of conferences from Kubecon EU to OWASP AppsecEU and all 5 UK BSides conferences. When he’s not working he can generally be found out and about enjoying the scenery in the highlands of Scotland, if the midgies aren’t biting!
Mark is the CEO at Implicit-Explicit (http://implicit-explicit.com/), co-founder of the Software Circus (http://softwarecircus.io/) and Docker Randstad (https://www.meetup.com/Docker-Randstad/). He has more than 10 years of experience in Software Development, Configuration Management and IT Operations and has helped some of Europe's largest companies to change the way they create and deliver software to their users.