Loading…
This event has ended. Create your own event → Check it out
This event has ended. Create your own
View analytic
Tuesday, June 21 • 2:25pm - 3:10pm
Securing the Container Pipeline at Salesforce
Customer trust and security is paramount for Salesforce. While containerization is great for DevOps due to flexibility, speed, isolation, transient existence, ease of management and patching, it becomes a challenging environment when the sensitivity level of the data traversing the environment increases. Monitoring systems, applications and network; performing disk, memory and network forensics in case of an incident; and vulnerability detection can easily become daunting tasks in such a volatile environment.

In this presentation we would like to discuss the infrastructure we have built to address these issues and to secure our Docker container platform while we rapidly containerize Salesforce. Our solutions focus on securing the container pipeline, building security into the architecture, monitoring, Docker forensics (disk, memory, network), and automation. We also would like to demonstrate some of our live memory analysis capabilities we leverage to assure container and application integrity during execution.

Speakers
avatar for Cem Gurkok

Cem Gurkok

Lead Information Security Engineer, Salesforce
Cem specializes in cloud computing security, system security architecture, incident response, digital forensics, malware analysis, litigation consulting, R&D of security software. Prior to Salesforce he lead R&D, incident response and development teams in Terremark, Verizon, LinkedIn and various Fortune 500 companies. He has presented at conferences such as, RSA, Forum of Incident Response and Security Teams (FIRST.org), Hack In the... Read More →


Tuesday June 21, 2016 2:25pm - 3:10pm
Ballroom 6B