Running Untrusted Code with gVisor - Container Security and Sandboxing
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore the world of container security and sandboxing in this 35-minute conference talk by Ian Lewis from Google. Learn about gVisor, an open-source sandbox runtime that enhances container isolation without sacrificing the benefits of containerization. Discover various approaches to sandboxing containers, including virtual machines and unikernels, and understand their trade-offs. Dive into gVisor's unique container security model, its architecture, and how it differs from virtual machine-based sandboxes. Gain insights into use cases for sandboxing containers and witness a demonstration of a minimal serverless platform using gVisor and Kubernetes. Enhance your knowledge of container security and explore innovative solutions for running untrusted code safely in your applications.
Syllabus
The Enemy Within: Running Untrusted Code with gVisor - Ian Lewis, Google
Taught by
Linux Foundation
Tags
Related Courses
Evolution of a Platform as a Service from the InsideDevoxx via YouTube From Secure Container to Secure Service
Linux Foundation via YouTube Security in the Cloud with Falco - Overview and Project Updates
CNCF [Cloud Native Computing Foundation] via YouTube gVisor and Falco - Strengthening Kubernetes and Container Security with Visibility
CNCF [Cloud Native Computing Foundation] via YouTube Kubernetes VM Solutions for Multi-Tenant Applications
CNCF [Cloud Native Computing Foundation] via YouTube