Episode 11 of the podcast covers challenges and baselining of container and cloud security.
(0:54) Introduction (01:29) Question 1: What are the right and left bounds when deciding to use a container environment as part of the infrastructure and how much of that is security minded? (03:03) Question 2: How do you approach a baseline level of security for your containerized environments? Is it mainly configuration or do you consider other aspects for hardening of your containerized environments? (06:30) Question 3: From your experience, which of the environments, if any, are more security forward than any other and why? Kubernetes? Docker? (12:06) Question 4: Does the way you defend and track threats against container environments differ from the non-containerized environments? Is a containerized environment inherently easy to secure or more work? (12:54) Question 5: How have containerized environments changed the penetration testing, threat hunting, and incident response process? Are there different skillsets needed? Could you provide examples? (19:41) Bonus: In the security world, what keeps you up at night? (21:50) Closing