
Cloud Security Challenges in the AI Era - How Running Containers and Inference Weaken Your System
Nov 17, 2025
Marina Moore, a research scientist at Adara and co-chair of the CNCF Security & Compliance TAG, dives into the vulnerabilities of container security. She discusses the risks tied to sharing the host kernel and advocates for micro-VMs as a solution to reduce attack surfaces. Marina highlights the dangers of GPU inference in multi-tenant environments and critiques current isolation techniques. She also emphasizes the potential of using memory-safe languages like Rust to enhance security in cloud architectures.
AI Snips
Containers Aren't Full Isolation
- A container packages code and its dependencies but still shares the host kernel, so it does not fully isolate workloads.
- Relying only on container primitives leaves a large shared attack surface in the OS kernel.
Use Micro-VMs For Stronger Boundaries
- Use VM-based isolation (micro-VMs) when you need stronger boundaries to avoid shared kernel vulnerabilities.
- Keep the container abstraction for developer tooling but run it atop efficient micro-VMs for security.
Micro-VM Stack Layers Matter
- A modern micro-VM stack has layers: hypervisor (KVM/Xen), VMM (Firecracker/Cloud Hypervisor), then a container runtime like Kata.
- Each layer affects performance and security, so understand tradeoffs when choosing components.
