Cloud Security Podcast by Google

EP195 Containers vs. VMs: The Security Showdown!


Listen Later

Cross-over hosts:

  • Kaslin Fields, co-host at Kubernetes Podcast

  • Abdel Sghiouar, co-host at Kubernetes Podcast

Guest:

  • Michele Chubirka, Cloud Security Advocate, Google Cloud

Topics:

  • How would you approach answering the question "what is more secure, container or a virtual machine (VM)?"
  • Could you elaborate on the real-world implications of this for security, and perhaps provide some examples of when one might be a more suitable choice than the other?
  • While containers boast a smaller attack surface (what about the orchestrator though?), VMs present a full operating system. How should organizations weigh these factors against each other?
  • The speed of patching and updates is a clear advantage of containers. How significant is this in the context of today's rapidly evolving threat landscape? Are there any strategies organizations can employ to mitigate the slower update cycles associated with VMs?
  • Both containers and VMs can be susceptible to misconfigurations, but container orchestration systems introduce another layer of complexity. How can organizations address this complexity and minimize the risk of misconfigurations leading to security vulnerabilities?
  • What about combining containers and VMs. Can you provide some concrete examples of how this might be implemented? What benefits can organizations expect from such an approach, and what challenges might they face?
  • How do you envision the security landscape for containers and VMs evolving in the coming years? Are there any emerging trends or technologies that could significantly impact the way we approach security for these two technologies?

Resources:

  • Container Security, with Michele Chubrika (the same episode - with extras! - at our peer podcast, "Kubernetes Podcast from Google")
  • EP105 Security Architect View: Cloud Migration Successes, Failures and Lessons
  • EP54 Container Security: The Past or The Future?
  • DORA 2024 report
  • Container Security: It's All About the Supply Chain - Michele Chubirka
  • Software composition analysis (SCA)
  • DevSecOps Decisioning Principles
  • Kubernetes CIS Benchmark
  • Cloud-Native Consumption Principles
  • State of WebAssembly outside the Browser - Abdel Sghiouar
  • Why Perfect Compliance Is the Enemy of Good Kubernetes Security - Michele Chubirka - KubeCon NA 2024

...more
View all episodesView all episodes
Download on the App Store

Cloud Security Podcast by GoogleBy Anton Chuvakin

  • 4.8
  • 4.8
  • 4.8
  • 4.8
  • 4.8

4.8

39 ratings


More shows like Cloud Security Podcast by Google

View all
WSJ Your Money Briefing by The Wall Street Journal

WSJ Your Money Briefing

1,723 Listeners

WSJ What’s News by The Wall Street Journal

WSJ What’s News

4,423 Listeners

Security Now (Audio) by TWiT

Security Now (Audio)

2,010 Listeners

Risky Business by Risky Business Media

Risky Business

373 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,026 Listeners

NVIDIA AI Podcast by NVIDIA

NVIDIA AI Podcast

347 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

8,079 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

177 Listeners

Practical AI by Practical AI LLC

Practical AI

211 Listeners

Cloud Security Podcast by TechRiot.io

Cloud Security Podcast

58 Listeners

Cybersecurity Headlines by CISO Series

Cybersecurity Headlines

140 Listeners

Huberman Lab by Scicomm Media

Huberman Lab

29,297 Listeners

The AI Daily Brief: Artificial Intelligence News and Analysis by Nathaniel Whittemore

The AI Daily Brief: Artificial Intelligence News and Analysis

683 Listeners

HBR On Leadership by Harvard Business Review

HBR On Leadership

169 Listeners

AI Security Podcast by TechRiot.io

AI Security Podcast

9 Listeners