Running Untrusted Code with gVisor - Container Security and Sandboxing
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore the world of container security and sandboxing in this 35-minute conference talk by Ian Lewis from Google. Learn about gVisor, an open-source sandbox runtime that enhances container isolation without sacrificing the benefits of containerization. Discover various approaches to sandboxing containers, including virtual machines and unikernels, and understand their trade-offs. Dive into gVisor's unique container security model, its architecture, and how it differs from virtual machine-based sandboxes. Gain insights into use cases for sandboxing containers and witness a demonstration of a minimal serverless platform using gVisor and Kubernetes. Enhance your knowledge of container security and explore innovative solutions for running untrusted code safely in your applications.
Syllabus
The Enemy Within: Running Untrusted Code with gVisor - Ian Lewis, Google
Taught by
Linux Foundation
Tags
Related Courses
From the Ground Up - How We Built the Nanos UnikernelLinux Foundation via YouTube Escaping Virtualized Containers
Black Hat via YouTube Look Ma, No OS! - Unikernels and Their Applications
Strange Loop Conference via YouTube Unikernels and Docker - From Revolution to Evolution
Devoxx via YouTube Unikraft: From Research to Deployment Reality
Linux Foundation via YouTube