Q&A: How do good containers go bad?
Containers

Q&A: How do good containers go bad?

Recently Tim Mackey, technical evangelist for open source security company Black Duck Software, spoke at London’s DevSecCon about “When Good Containers Go Bad”. In the following lightly edited Q&A we pick his brains on the subject.

 

How are data centre threats evolving?

Data centre operators are facing dual challenges of infrastructure complexity and application velocity as they seek to adhere to global governance regulations such as GDPR. Today’s workloads are increasingly containerised, which means that new management and monitoring paradigms are required to remain compliant. One example of this complexity comes from requirements to patch applications. With bare metal and virtualised servers, we’ve evolved procedures where the operating system and application components within those servers are continuously updated as patches are released. Containerisation flips this paradigm where it’s considered poor practice to patch containerised applications. The preferred solution is to rebuild the container image from patched sources and then redeploy. This one change in procedure requires a reassessment of how applications are built, and importantly where trusted source files are located.

As AI and machine learning is gradually being used to improve data centre operations, is adversarial machine learning also becoming more prevalent?

There’s a lot of potential for bad actors to use AI and machine learning to mount attacks. Machine learning is great at evaluating large data sets and finding patterns. Open source projects are perfect data sets for ML to analyse and assess for potential attack vectors. As we see more AI employed in cybersecurity and data centre operations, it’s reasonable to expect that hackers will also implement this technology, whether that’s to launch phishing attacks or test scenarios that hackers can then use in a malware or DDoS attack.

Machine Learning in security can be a tricky game… Welcome to the world of adversarial machine learning

To continue reading...


Please login or register to view your article. If you do not have or do not remember your password, please click on the “Forgotten your password?” link at the bottom.
If you do not yet have a password but are an existing user, please use the “Forgotten your password?

PREVIOUS ARTICLE

«The CMO Files: Mike Volpe, Cybereason

NEXT ARTICLE

C-suite talk fav tech: Tim Russell, Perforce Software»
author_image
Kathryn Cave

Editor at IDG Connect

  • twt
  • twt
  • Mail

Add Your Comment

Recommended for You

phil-muncaster

Why does China spot security vulnerabilities quicker than the US?

Phil Muncaster reports on China and beyond

silhouette

Everything you need to know about... Blockchain

IDG Connect tackles the tech stories that matter to you

kathryn-cave

What will be the single biggest security threat of 2018?

Kathryn Cave looks at the big trends in global tech

More Like This

Most Recent Comments

Our Case Studies

IDG Connect delivers full creative solutions to meet all your demand generatlon needs. These cover the full scope of options, from customized content and lead delivery through to fully integrated campaigns.

images

Our Marketing Research

Our in-house analyst and editorial team create a range of insights for the global marketing community. These look at IT buying preferences, the latest soclal media trends and other zeitgeist topics.

images

Poll

Will Kotlin overtake Java as the most popular Android programming language in 2018?