Docker Security & AWS ECS


March 23rd at 6:00 PM (doors open at 5:30pm)


NOTE: This month’s meeting will be at Workiva

2900 University Blvd, Ames, IA 50010

Map Link


There will be two talks this month:

Continuous Security with Docker

While containerization has many well-understood benefits, there are some non-obvious caveats that can impact the security of the overall platform.  When vulnerabilities like Heartbleed are announced, DevOps teams often need to race to patch an array of impacted systems.  But which containers are affected?  Which systems need the most immediate attention?  What change control must be observed in order to meet strict regulatory and compliance requirements?   In this talk, Matthew Schlue (@mschlue) will explore some of the issues Workiva has encountered as they’ve moved their infrastructure to an entirely container-based platform.  He will cover some of the tooling required in order to quickly move bug fixes and security updates to production, and ways Workiva has developed to identify and remove older, vulnerable containers that would be unsuitable for production rollbacks.

Autoscaling With ECS Made Easy

Amazon’s EC2 Container Service makes launching docker applications into EC2 clusters quick and painless. However, currently it lacks autoscaling functionality. We will explore how to leverage AWS services to construct autoscaling rules for services in an ECS cluster. This talk will be given by James Koll.

Food and drink will be provided by Workvia