BSides BoulderMay 31

🚨 Containers aren't real. They're someone else’s address space—and a ticking security time bomb 💥 Get blown away by Jed Salazar's #BSidesBoulder25 talk "There Is No Container, It's Just Someone Else's Address Space"! You'll learn why container isolation is more myth than reality, how AI workloads make it worse, and what actually works to secure your stack. Kubernetes chaos meets RCE-as-a-Service—don’t miss it! 🐳🔥 #BSides #BSidesBoulder #CyberSecurity #ContainerSecurity #Kubernetes #CloudNative

Check out our full schedule at https://bsidesboulder.org/schedule/

Tickets are available for purchase for our 13 June event here: https://www.eventbrite.com/e/bsides-boulder-2025-registration-1290129274389

Schedule

Schedule is subject to change

Beth PariseauMay 30
A new wave of #softwaresupplychainsecurity tools is emerging to tackle #vulnerabilitymanagement for customers using hosted services that deliver fortified container and application images or artifacts. #OSS #cybersecurity #vulnerabilityremediation #chainguard #docker #cloudsmith #containersecurity #SaaS https://www.techtarget.com/searchitoperations/news/366625212/Software-supply-chain-security-tools-take-on-toil-for-users
Software supply chain security tools take on toil for users

Recent updates from software supply chain security vendors simply take over vulnerability management on behalf of IT orgs, rather than provide facilitating tools.

TechTarget
BSides BoulderMay 27

🚢 Curious about containers and container (in)security, but not sure where to start? Don't miss #BSidesBoulder speaker alum @some_natalie's talk, "A Gentle Introduction to Container Security"!
The talk provides a friendly deep dive into the risks lurking across the container ecosystem, from image vulnerabilities to orchestrator misconfigurations. Whether you're a dev, engineer, or policymaker, you'll leave with real-world insights and zero yawns (yes, even when we talk about NIST). 🧠🔐 #BSides #BSidesBoulder25 #ContainerSecurity #CyberSecurity

Check out our full schedule at https://bsidesboulder.org/schedule/

Tickets are available for purchase for our 13 June event here: https://www.eventbrite.com/e/bsides-boulder-2025-registration-1290129274389

Schedule

Schedule is subject to change

Marco Ciappelli🎙️✨ May 7

🎙️ Think your containers are isolated? Think again. In this On Location Brand Story from RSAC 2025, we explore why container isolation might just be an illusion—and what you can actually do about it.

🚀 New Brand Story from RSAC 2025: Not So Contained — When Container Isolation Is Just an Illusion

At RSAC Conference 2025, Sean Martin and Marco Ciappelli sat down with Emily Long, Head of Product at EDERA, to talk about the security myths surrounding containerization — and the real risks that enterprises need to address today.
🔐 Why is traditional container isolation failing, and what smarter approaches should security leaders be taking?
Find out how EDERA is helping companies rethink their container security strategies for a more resilient digital infrastructure.

🎙️ Watch, listen, or read the full story here:
👉 https://www.itspmagazine.com/their-stories/not-so-contained-when-container-isolation-is-just-an-illusion-a-brand-story-with-emily-long-from-edera-an-on-location-rsac-conference-2025-brand-story

📌 Learn more about EDERA’s work:
👉 https://www.itspmagazine.com/directory/edera

🛰️ See all our RSAC 2025 coverage:
👉 https://www.itspmagazine.com/rsac25

🌟 Discover more Brand Stories and Briefings from innovative companies:
👉 https://www.itspmagazine.com/brand-story

🎥🎙️ This is just one of the many incredible conversations we recorded On Location in San Francisco, as Sean Martin and Marco Ciappelli covered the event as official media partners for the 11th year in a row.
Stay tuned for more Brand Stories, Briefings, and candid conversations from RSAC 2025!

🎤 Looking ahead:
If your company would like to share your story with our audiences On Location, we’re gearing up for Infosecurity Europe in June and Black Hat USA in August!
⚡ RSAC 2025 sold out fast — we expect the same for these next events.
🎯 Reserve your full sponsorship or briefing now: https://www.itspmagazine.com/purchase-programs

📲 Hashtags:
#cybersecurity #infosec #infosecurity #technology #tech #society #business #containersecurity #cloudsecurity #resilientinfrastructure #edera

Not So Contained: When Container Isolation Is Just an Illusion | A Brand Story with Emily Long from Edera | An On Location RSAC Conference 2025 Brand Story — ITSPmagazine | Broadcasting Ideas. Connecting Minds.™

Containerization transformed development speed—but at what cost to security? In this episode, Emily Long, co-founder and CEO of Edera, explains how rethinking infrastructure from the kernel up is making true container isolation possible without sacrificing developer velocity or platform flexibility.

ITSPmagazine
Mohammad-Ali A'RÂBI 🐧🐳May 2

🔒 Docker Tip #11: To restrict container capabilities on Kubernetes, use "security context".

#ContainerSecurity #DockerHour

DockerSecurity.io

DeadSwitch @ T0m's 1T C4feMay 2

🛡️ Building a Segmented, Secure Multi-Container Application with Podman #Podman #RootlessContainers #ContainerSecurity #DevSecOps #ZeroTrust #LinuxSecurity #NGINX #MariaDB #Passbolt #CyberSecurity #SegmentAndSecure #DeadSwitch #TheCyberGhost #SilentOps #InfrastructureHardening

http://tomsitcafe.com/2025/05/02/%f0%9f%9b%a1%ef%b8%8f-building-a-segmented-secure-multi-container-application-with-podman/

Building a Segmented, Secure Multi-Container Application with Podman

By DeadSwitch | The Cyber Ghost”In silence, we rise. In the switch, we fade.” Modern web applications are never just one service.They’re a fortress of moving parts – and every con…

Tom's IT Cafe
DeadSwitch @ T0m's 1T C4feApr 30

🛡️ Use Podman. Model your application. Segment. Contain. Secure. #Podman #ContainerSecurity #RootlessContainers #LinuxHardening #SecureByDesign #DevSecOps #CyberSecurity #ZeroTrust #DeadSwitch #TheCyberGhost #InfrastructureSecurity #SilentOps #SegmentAndSecure

http://tomsitcafe.com/2025/04/30/%f0%9f%9b%a1%ef%b8%8f-use-podman-model-your-application-segment-contain-secure/

Use Podman. Model your application. Segment. Contain. Secure.

By DeadSwitch | The Cyber Ghost”In silence, we rise. In the switch, we fade.” Too many teams still treat containers like virtual machines.Worse – like junk drawers.Everything in o…

Tom's IT Cafe
Mohammad-Ali A'RÂBI 🐧🐳Apr 24
🔒 Docker Tip #3: Don't run containers as root! Always specify a non-root user in your Dockerfile to enhance security and follow the principle of least privilege.
#ContainerSecurity #DockerHour
DockerSecurity.io
anchoreApr 15

CIS ✅ STIG ✅ FedRAMP ✅ NIST ✅

Anchore Enforce comes with pre-built policy packs for major compliance standards. No translation needed.

Learn more: https://anchore.com/blog/automate-your-compliance-how-anchore-enforce-secures-the-software-supply-chain/

#SoftwareSupplyChain #Compliance #ContainerSecurity #PolicyAsCode

This Easy-to-Generate File Offers a Quick Path to PCI 4.0 Compliance

As of March 2025, PCI DSS 4.0 requires comprehensive software component inventories. Learn how one file provide the most effective path to compliance.

Anchore
anchoreApr 11

Developers: Stop getting surprised by compliance issues at the end of your build. Anchore Enforce gives you immediate policy feedback right in your CI/CD pipeline.

See how: https://anchore.com/blog/automate-your-compliance-how-anchore-enforce-secures-the-software-supply-chain/

#SoftwareSupplyChain #Compliance #ContainerSecurity #PolicyAsCode

This Easy-to-Generate File Offers a Quick Path to PCI 4.0 Compliance

As of March 2025, PCI DSS 4.0 requires comprehensive software component inventories. Learn how one file provide the most effective path to compliance.

Anchore