David Lawrence

Docker Security at PyCon: Threat Modeling & State Machines

The Docker Security Team was out in force at PyCon 2017 in Portland, OR, giving two talks focussed on helping the Python Community to achieve better security. First up was David Lawrence and Ying Li with their “Introduction to Threat Modelling talk”. Threat Modelling is a structured process that aids an engineer in uncovering security vulnerabilities in an application design or implemented software. The great majority of software grows organically, gaining new features as some critical mass of users requests them. These features are often implemented without full consideration of how they may impact every facet of the system they are augmenting. Threat modelling aims to increase awareness of how a system operates, and in doing so, identify potential vulnerabilities. The process is broken up into three steps: data collection, analysis, and remediation. An effective way to run the process is Continue reading…

Docker’s 2nd Birthday Wishes: Q&A with Solomon Hykes, Founder of Docker

Docker turns two this week. To celebrate the incredible contributions of our community in such a short period of time and to continue to support and grow it, we are kicking off our first ever open-source-a-thon. The goal is to introduce the skill and potential of contributing to open source to over 1,500 developers around the world, while supporting a charity near and dear to us; marine life and oceanic conservation. We wish to adopt a real female blue whale–Molly Dock–to be a companion to our own Moby Dock.   Aside from our collective wishes for more open source and better oceanic conservation, we asked Solomon what his birthday wishes were for the Docker community he founded two years ago this week. We also asked him to reflect on the initial Docker launch at Pycon and other accomplishments of the Continue reading…