Enabling Security via Container Runtimes


An overview of the work performed at various levels—Linux kernel, OCI runc, containerd/cri-o and Docker—to bring core security features into the runtime layers and, where applicable, available to platforms like Kubernetes. In this talk we cover everything from seccomp to user namespaces, to cross-cutting features like rootless containers and encrypted layers.

Seattle, WA
Phil Estes
Distinguished Engineer & CTO, Linux OS and Container Architecture Strategy

Container open source maintainer and technical leader at IBM Cloud.