On this episode of the Inner Circle podcast, I am joined by Matt Alderman, Chief Strategy and Marketing Officer for Layered Insight. We’re both thankful that we’ve moved on to greener pastures, but I worked under Matt not long ago when we were both at Tenable—prior to the Great Marketing Purge of 2017. At Layered Insight, Matt is focused on effective container security—and how to address and overcome the challenges that face most of the existing container security strategies.
With every hot new technology, there’s a period of meteoric growth where early adopters all jump on board and it gains some mainstream momentum. At some point, it hits a critical mass and it suddenly occurs to everyone that we should probably also think about how to secure the new technology. Containers are no different. Docker emerged to bring mainstream traction to containers, and as container adoption has taken off we find ourselves in that same, familiar situation of trying to retroactively consider the question of security.
There are a number of strategies and approaches that have been introduced to address the issue, but many—most, really—have their own issues and create as many problems as they solve. The most prevalent container security concepts seem to rely on kernel plugins or privileged access containers—both of which require root access to the underlying OS and break some of the most important functionality of using containers in the first place.
In the podcast, Matt talks about the realities of trying to retrofit security and points out that the initial efforts at container security try to apply old security models to a new technology, and it simply doesn’t work. Container environments are too dynamic for any security solution to be applied externally—which is why Layered Insight takes a container-native approach of embedding security within the containers themselves.