Two Ways Platforms Can Help Decentralize Applications (and Cloud) While Still Controlling What Matters Most
Senior Cloud Architect, Mirantis
New tools like service mesh help us build and run decentralized applications at scale, offering new kinds of agility, resiliency and savings. Enterprises, however, need assurance that components used in building are trustworthy, meet organizational standards and that executable deliverables, decentralized workloads, and the platforms and resources they run on remain compliant with security, regulatory and other requirements.
In this presentation, Bryan Langston, director of architecture at Mirantis, will describe best practices for configuring and using trusted container registry – enabling firm policy management for technical alignment, security and control of intellectual property – while still enabling rapid innovation and use of community-provided resources. Bryan will also discuss Docker Enterprise’s experimental implementation of OSCAL – the Open Security Controls Assessment Language – developed and curated by the National Institute of Standards and Technology (NIST) to enable in-line, “ground truth” security auditing of developer workflows, components and live workloads.
Attendees at this session will learn:
- Battle-proven patterns for implementing trusted registry
- Creating an operational policy envelope and automation around trusted registry, enabling strong security and compliance without slowing innovation
- Basics of OSCAL – NIST’s Open Security Controls Assessment Language
- Methods of encoding OSCAL in JSON, YAML and XML
- How OSCAL can work in practice, using Docker Enterprise’s PoC implementation as an example