David Grice
David is a Technical Security Consultant at ANZ, actively working on the security of containers, cloud services and applications.

He has previously governed the security posture of highly regulated cloud workloads, large on-premise technology stacks and 3rd party suppliers also in the Financial Services industry.

David has presented at BSides Melbourne, and a range of local Meetups.

Nailing container security in highly regulated industries
Technical Level (3 being the highest score): 2

Are your application teams going rogue and using containers in an uncontrolled manner? Or have you avoided adoption because containers are unfamiliar? Or are you just not sure where the threats are yet? If so, then this is the talk for you.

A dense talk on the securing of containers from the top to bottom of the stack; in doing so this also gives the audience an insight into the architectural process of assessing new technology against the backdrop of a highly regulated entity. Firstly we look at the evolving maturity of containers, then we deep dive into the various layers in the technology stack. From there we go through the threats at each layer and, importantly, the solutions to address them.

Finally, we discuss the all-important operational security changes needed to secure containers ongoing and how security & technology teams need to adapt to a world where infrastructure is now defined in code.