Michele Chubrika, a Cloud Security Developer Advocate at Google, joins Anton Chuvakin for a deep dive into container security. They debunk myths about isolation and discuss the intricacies between virtual machines and containers, emphasizing trust boundaries within Kubernetes. The conversation highlights the importance of proactive security practices and the potential of WebAssembly to reduce attack surfaces. They also tackle developer challenges in containerized environments, sharing insights on dependency management and the evolving landscape of cloud-native security.
Security in containers and VMs relies on organizational architecture and collaboration between security and platform engineering teams rather than the technology itself.
Properly understanding isolation versus segregation in containers is crucial for implementing effective security measures within Kubernetes clusters.
Enhancing cloud-native security involves shifting from IP-based to application-based identity, emphasizing mutual TLS and the importance of strong governance.
Deep dives
VMs vs. Containers: A Complex Security Debate
The discussion begins with the common debate of whether virtual machines (VMs) or containers are more secure, which is framed as a misguided question. Security expert Michelle Shubirka emphasizes that the security of either technology heavily depends on the organization’s architecture and collaboration between security and platform engineering teams. She points out that containers operate under a shared kernel, which lacks true isolation, and thus security practices must adjust accordingly. The interplay of cultural factors within teams and their willingness to innovate further influences whether containers or VMs achieve higher security levels.
Understanding Isolation in Security Contexts
Michelle clarifies the concept of isolation in the context of containers and VMs, highlighting that containers should not be thought of as providing isolation but rather segregation. She mentions that the architecture of containers naturally leads to more frequent instances of container escapes compared to VM escapes, necessitating proper security measures. She also notes the importance of structuring workloads appropriately within Kubernetes clusters to maintain distinct security boundaries and mitigate risks effectively. The discussion suggests that without carefully managing trust boundaries, organizations may expose themselves to unnecessary vulnerabilities.
The Role of Identity and Security Policies
The podcast discusses the importance of identity in the cloud-native environment, particularly emphasizing the shift from IP-based security to application-based identity. Michelle highlights the significance of implementing mutual TLS and establishing strong identity management to enhance security postures. She emphasizes that strong governance and policy-setting are essential components of a robust security framework, enabling teams to make informed decisions about what can be deployed and under what circumstances. Consequently, clear communication among team members and properly crafted security policies are critical for maintaining compliance and security.
Navigating Attack Surfaces in Containers
Shubirka discusses the misconceptions surrounding attack surfaces, particularly the assumption that containers inherently have a smaller attack surface than VMs. She stresses that the attack surface expands with containerized legacy applications, particularly if there’s a lack of understanding regarding input and output points in the environment. Security practices need to evolve alongside the deployment of containers, including establishing better supply chain security practices for images. Furthermore, Michelle advocates for implementing processes that enforce strict checks and balances to manage vulnerabilities throughout the lifecycle of containerized applications.
The Emerging Role of WebAssembly (Wasm)
The conversation touches on the potential future of container and VM security with the introduction of WebAssembly (Wasm), seen as a promising technology to minimize the attack surface while enhancing performance. Michelle expresses her excitement about Wasm's capabilities, suggesting that it could offer a lighter-weight solution with better process isolation. However, she acknowledges that Wasm's adoption has been slow, not garnering as much attention as other technologies like AI. The discussion indicates that while Wasm shows great promise, organizations must continue to critically evaluate emerging technologies to optimize their security strategies.
This episode is special. We collaborated with the folks behind the Cloud Security Podcast from Google, Anton Chuvakin(LinkedIn)and Tim Peacock, to bring you a joint episode. We had the pleasure to jointly interview Michelle Chubirka, a Cloud Security Developer Advocate. We talked about VM and Container security, debunked some myths about isolation, attack surfaces, immutability of containers, and more.
Do you have something cool to share? Some questions? Let us know:
