and that’s why you build redundancy and image scanning into your pipeline.
to not use a technology like containers based entirely on a generalization of “security” ignores the obvious security benefits of using a sandboxed environment that can run almost anywhere.
it used to take an hour to release new code into the services I own where I work. with containerized services it takes me five minutes. sure, the builds and scans and QA take a day but the apps have never been this stable before.
rollbacks would take all fucking night. now? five minutes.
the benefits are a boon to solvency with very little impact to security if managed correctly.