Cloud Security Podcast by Google

EP195 Containers vs. VMs: The Security Showdown!

Oct 21, 2024
Michele Chubirka, a Cloud Security Advocate at Google Cloud with a rich background in finance and academia, delves into the security dynamics between containers and virtual machines. She discusses the implications of attack surfaces, patch speed, and the complexities of misconfigurations in orchestrators. Michele shares strategies for organizations to effectively balance the strengths and vulnerabilities of both technologies. With insights on the future interplay of containers, VMs, and WebAssembly, she inspires a proactive approach to evolving security challenges.
ANECDOTE

Kubernetes Journey

  • Michele Chubirka's journey with Kubernetes began at a small software company.
  • A colleague asked her to help with using containers on Kubernetes.
INSIGHT

It Depends

  • The question of whether VMs or containers are more secure depends on context, like organizational structure and security practices.
  • Consider "Conway's Law of Cloud Security": the security of your systems reflects your organization's structure.
INSIGHT

Isolation Matters

  • Built-in security differences exist between VMs and containers beyond just cultural aspects.
  • The isolation argument favors VMs for stronger isolation, although VM escapes are possible.