Developer Secure Containers for the Cyberspace Battlefield
The speed and pace of cyber threats by state and non-state actors are bombarding Department of Defense (DoD) network defenses and threaten to undermine the United States technological military advantage. The overall strategy is to Defend DoD networks, systems, and information. DoD must raise the bar on technology and innovation to stay ahead of the threat by enhancing its cyber defense capabilities, including by building and employing a more defendable network architecture in the Joint Information Environment (JIE). VMware and Pivotal offers a secure Container Service (PKS), which deploys and manages securely enterprise grade Kubernetes on top of VMware SDDC stack. With PKS, DoD customers get to deploy Kubernetes, which provides the clustering, scheduling, and orchestration technology to containerized applications. With Kubernetes, DoD developers can focus on writing application code using microservice architecture while the Kubernetes platform addresses the complex task of scalability, availability, and security for Cloud Native Applications. Based on many conversations in the field, the speakers have observed DoD customers challenged with providing modern security patterns to Kubernetes based deployments. The common “soft egg in the middle” pattern is amplified in today’s container-based applications. How can customers secure east west traffic in a Kubernetes deployment? How can customers create secure multi-tenant environments that enable developers to be efficient while secure from other projects? How can IT encrypt the communication channels within a Kubernetes based deployment, without creating a management overhead nightmare? How can we be sure developers are not introducing known Common Vulnerabilities and Exposures (CVE) into the container runtime environment? These questions and more will be addressed in our security deep dive of Pivotal Container Service.