Sign up to save your podcasts
Or
Share EP195 Containers vs. VMs: The Security Showdown!
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
EP195 Containers vs. VMs: The Security Showdown!
Cross-over hosts:
-
Kaslin Fields, co-host at Kubernetes Podcast
-
Abdel Sghiouar, co-host at Kubernetes Podcast
Guest:
-
Michele Chubirka, Cloud Security Advocate, Google Cloud
Topics:
- How would you approach answering the question ”what is more secure, container or a virtual machine (VM)?”
- Could you elaborate on the real-world implications of this for security, and perhaps provide some examples of when one might be a more suitable choice than the other?
- While containers boast a smaller attack surface (what about the orchestrator though?), VMs present a full operating system. How should organizations weigh these factors against each other?
- The speed of patching and updates is a clear advantage of containers. How significant is this in the context of today's rapidly evolving threat landscape? Are there any strategies organizations can employ to mitigate the slower update cycles associated with VMs?
- Both containers and VMs can be susceptible to misconfigurations, but container orchestration systems introduce another layer of complexity. How can organizations address this complexity and minimize the risk of misconfigurations leading to security vulnerabilities?
- What about combining containers and VMs. Can you provide some concrete examples of how this might be implemented? What benefits can organizations expect from such an approach, and what challenges might they face?
- How do you envision the security landscape for containers and VMs evolving in the coming years? Are there any emerging trends or technologies that could significantly impact the way we approach security for these two technologies?
Resources:
- Container Security, with Michele Chubrika (the same episode - with extras! - at our peer podcast, “Kubernetes Podcast from Google”)
- EP105 Security Architect View: Cloud Migration Successes, Failures and Lessons
- EP54 Container Security: The Past or The Future?
- DORA 2024 report
- Container Security: It’s All About the Supply Chain - Michele Chubirka
- Software composition analysis (SCA)
- DevSecOps Decisioning Principles
- Kubernetes CIS Benchmark
- Cloud-Native Consumption Principles
- State of WebAssembly outside the Browser - Abdel Sghiouar
- Why Perfect Compliance Is the Enemy of Good Kubernetes Security - Michele Chubirka - KubeCon NA 2024
View all episodes
By Anton Chuvakin
4.8
3838 ratings
Cross-over hosts:
-
Kaslin Fields, co-host at Kubernetes Podcast
-
Abdel Sghiouar, co-host at Kubernetes Podcast
Guest:
-
Michele Chubirka, Cloud Security Advocate, Google Cloud
Topics:
- How would you approach answering the question ”what is more secure, container or a virtual machine (VM)?”
- Could you elaborate on the real-world implications of this for security, and perhaps provide some examples of when one might be a more suitable choice than the other?
- While containers boast a smaller attack surface (what about the orchestrator though?), VMs present a full operating system. How should organizations weigh these factors against each other?
- The speed of patching and updates is a clear advantage of containers. How significant is this in the context of today's rapidly evolving threat landscape? Are there any strategies organizations can employ to mitigate the slower update cycles associated with VMs?
- Both containers and VMs can be susceptible to misconfigurations, but container orchestration systems introduce another layer of complexity. How can organizations address this complexity and minimize the risk of misconfigurations leading to security vulnerabilities?
- What about combining containers and VMs. Can you provide some concrete examples of how this might be implemented? What benefits can organizations expect from such an approach, and what challenges might they face?
- How do you envision the security landscape for containers and VMs evolving in the coming years? Are there any emerging trends or technologies that could significantly impact the way we approach security for these two technologies?
Resources:
- Container Security, with Michele Chubrika (the same episode - with extras! - at our peer podcast, “Kubernetes Podcast from Google”)
- EP105 Security Architect View: Cloud Migration Successes, Failures and Lessons
- EP54 Container Security: The Past or The Future?
- DORA 2024 report
- Container Security: It’s All About the Supply Chain - Michele Chubirka
- Software composition analysis (SCA)
- DevSecOps Decisioning Principles
- Kubernetes CIS Benchmark
- Cloud-Native Consumption Principles
- State of WebAssembly outside the Browser - Abdel Sghiouar
- Why Perfect Compliance Is the Enemy of Good Kubernetes Security - Michele Chubirka - KubeCon NA 2024
More shows like Cloud Security Podcast by Google
View all
Risky Business
365 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
626 Listeners
The Cloudcast
152 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
366 Listeners
CyberWire Daily
1,006 Listeners
AWS Podcast
201 Listeners
Click Here
408 Listeners
Cybersecurity Today
166 Listeners
Kubernetes Podcast from Google
181 Listeners
CISO Series Podcast
189 Listeners
Hacking Humans
314 Listeners
Defense in Depth
74 Listeners
Cloud Security Podcast
58 Listeners
Cyber Security Headlines
127 Listeners
Risky Bulletin
43 Listeners