Flexible Training for Today's Critical Cyber Skills - Available Now with Best Specials of the Year - Learn More

Cloud Security Europe 2021 - Live Online

Virtual, Central European Time | Mon, Feb 8 - Sat, Feb 13, 2021

MicroVMs meet Containers: Next Generation Process Isolation

  • Andrew Martin, Lewis Denham-Parry
  • Tuesday, February 9th, 7:30pm - 8:30pm

Is it ever safe to run untrusted code in containers? Should process isolation keep workloads in, or attackers out? What would it take to run a malware test lab in Kubernetes?

With fast startup times and consistent execution environments containers beat traditionally slow, monolithic VMs but with the advancement of micro VMs the boundaries have become blurred. It is increasingly difficult to know which isolation technology to choose for our next application. Can we run different workloads in different container types -- on the same cluster?

In this talk we:

- Examine the history of trying to safely run unsafe processes

- Compare and contrast the emerging generation of process isolation and security techniques

- Rationalize the design decisions that drive each project

- Learn about what workloads are best suited to run in each technology

This SANS@Mic talk will be delivered Live Online. More information and reigster by clicking here.


Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
Tuesday, February 9
Session Speaker Time Type
MicroVMs meet Containers: Next Generation Process Isolation Andrew Martin, Lewis Denham-Parry Tuesday, February 9th, 7:30pm - 8:30pm SANS@Night