Research Publication

This week Rich, Mike, and Adrian talk about what they expect to see at the RSA Security Conference, and if it really means anything.

Our newest paper, A Complete Guide to Enterprise Container Security, is a full update of our previous research on container security. A lot has happened over the last 18 months, which prompted a significant rewrite of our original content. As more organizations accept that containers are now the common media for applications, the platform focus is shifting to containers, with steps taken at each stage of the container lifecycle to ensure what actually goes into production is fully tested.

The velocity of technology infrastructure change continues to accelerate, putting serious stress on Security Operations (SecOps). This has forced security folks to face the fact that operations has never really been their forte. That’s a bit harsh, but denial never helps address problems. The answer is not to give up or run away, but we do have to think differently. In this paper, we present an approach based on building security into the technology stacks which run our infrastructure, documenting operational in clear runbooks, and implementing those runbooks via orchestration and automation within infrastructure without manual intervention.