Glenn Brunette is a Distinguished Engineer and leading security practitioner at Sun.
He and I sat down (virtually) to talk about the Immutable Service Container project,
a set of tools designed to bridge OS minimization, virtualization, and security monitoring
mechanisms. An increasing number of customers are thinking about deploying applications
to clouds or other virtualized environments in which they can't attest to the provenance of the
underlying hardware and host operating system - ISC provides a thin layer between hypervisor
and guest image that re-defines the "trust, but verify" maxim for the current generation of deployers.