Containerization in a DevOps World: Can AppSec Keep Pace?

Containerization (like Docker and IBM Containers) takes application portability to a new level. Applications can be packaged with everything they need to run for simplified, high-velocity deployment. By using native separation within the OS (Linux or Windows) organizations get many of the benefits of a VM without the overhead of a hypervisor. So what's the downside? Most security tools weren't designed to "play well" with containers. And many security teams aren't aware of the emerging threat models associated with rapid application development and containerized deployment. In this podcast we'll take a quick high-level look at how containerization and DevOps are transforming the application life cycle, explain what it means to security, and provide recommendations on the three things security teams should be doing about it now.