Name: Protecting container applications with file system whitelisting
Start: 2017-01-24T12:00:00-0800
End: 2017-01-24T12:50:00-0800

Back To Schedule

Protecting container applications with file system whitelisting

Container technologies like Docker are gaining mainstream interest from development organizations. Unlike virtual machines, containers running on the same host share the underlying OS kernel and filesystem. In this talk we describe an approach to harden and isolate containerized applications via file system monitoring. We show that it is possible to automatically build a whitelist of file system resources that are available to containers based on static analysis of the container contents and configuration. In addition containers can be monitored in runtime for storage writes of known exploits. We demonstrate how a mix of static and runtime file system monitoring proves to be an unintrusive and effective layer of security and isolation for containerized Cloud Native applications.

Speakers

Chenxi Wang, Ph.D.

General Partner, Rain Capital

Dr. Chenxi Wang is ,Managing General Partner at Rain Capital. Chenxi built an illustrious career at Forrester Research, Intel Security, and CipherCloud. At Forrester, Chenxi covered mobile, cloud, and enterprise security, and wrote many hard hitting research papers. At Intel Security... Read More →

Tuesday January 24, 2017 12:00pm - 12:50pm PST
Garden Terrace Room

Garden Terrace Room

Register Now! https://2017.appseccalifornia.org/#register

AppSec California 2017

Chenxi Wang, Ph.D.

Attendees (18)

AppSec California 2017

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Chenxi Wang, Ph.D.

Attendees (18)